Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

borderColor#000000
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#000000
borderStylesolid
titleIntroduction

Use this guide as a reference to

...

map the SecureAuth® Identity Platform (formerly SecureAuth IdP

...

) profile properties to LDAP

...

attributes in the directory.

...

SecureAuth IdP integrates with on-premises directories for user profile mapping to validate and extract information without storing any data on the appliance to effectively authenticate and assert end-users.

The table below exemplifies the LDAP Attribute requirements for each Profile Property, and provides Active Directory-specific examples that can be utilized in configurations.

...

borderColor#444443
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#444443
borderStylesolid
titlePrerequisites

1. Access to an LDAP directory store

...

 

You can integrate an LDAP directory with the Identity Platform to assert or manage user identity information. 

The mapping table details the LDAP attribute requirements for each profile property.  The table includes examples of specific Active Directory fields which can be used in configurations. 

Prerequisites

  • Access to an LDAP directory store
  • Service account with read access, and optional write access to enable various features

...

  • . In the table below, the True Writable options

...

  • are not be available if the service account only has

...

  • read access

...

  • Grant permissions to the directory fields that are required to be writable (if providing write access to the service account)

...

  • LDAP directory

...

borderColor#135570
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#135570
borderStylesolid
titleSecureAuth IdP Profile Properties

...

This list includes all available Profile Properties; however, not every Property is required to be mapped

...

  • integration with Identity Platform

Contents

Table of Contents
maxLevel1

Identity Platform profile properties

The following table lists all available profile properties; however it does not require that every property be mapped.  

Any property that is specifically used in the realm for authentication and post-authentication must be mapped to an LDAP directory field

...

The AD Field

...

column in the table

...

provides an example of a valid directory field to use in the configuration; however,

...

you can use any field that fulfills the requirements

...

.

...

Profile PropertyDefinitionLDAP

...

attribute requirementsExample of AD-specific

...

field

...

  • LDAP Syntax: 2.5.5.12 (Directory String)
  • Multi-valued: False
  • Format Support: Plain Text
  • Writable: False

...

First NameFirst name of user
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

...

False
Format Support

...

Plain

...

text
Writable

...

  • True

...

  • – in Account Management (Help Desk) realm configuration, when First Name is set to Show Enabled
  • True – in Self-service Account Update

...

  •  realm configuration, when First Name is set to Show Enabled
givenName
Last Name

...

Last name of user
Definition List
LDAP Syntax

...

2.5.5.12 (Directory String)
Multi-valued

...

False
Format Support

...

Plain

...

text
Writable

...

  • True

...

  • – in Account Management (Help Desk) realm configuration, when Last Name is set to Show Enabled
  • True – in Self-service Account Update

...

  •  realm configuration, when Last Name is set to Show Enabled
sn
GroupsGroups to which a user belongs
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

...

False
Format Support

...

Plain

...

text
Writable

...

  • True for Account Management Page realm if Show Enabled is selected from the Phone 1 dropdown on the Help Desk Configuration Page
  • True for Self-service Account Update realm if Show Enabled is selected from the Phone 1 dropdown on the Self-service Configuration Page

...

False
memberOf
Phone 1 (Work)

Primary phone number associated with user; typically a work number

Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

...

False

Format Support

...

Plain

...

text
Writable

...

  • True

...

  • – in Account Management (Help Desk) realm configuration, when Phone 1 is set to Show Enabled
  • True – in Self-service Account Update

...

  •  realm configuration, when Phone 1 is set to Show Enabled
telephoneNumber
Phone 2 (Mobile)Secondary phone number associated with user; typically a mobile number
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

...

False

Format Support

...

Plain

...

text
Writable

...

  • True

...

  • – in Account Management (Help Desk) realm configuration, when Phone 2 is set to Show Enabled
  • True – in Self-service Account Update

...

  •  realm configuration, when Phone 2 is set to Show Enabled
mobile
Phone 3 (Alternate)Alternate phone number associated with user 
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

...

False

Format Support

...

Plain

...

text
Writable

...

  • True

...

  • – in Account Management (Help Desk) realm configuration, when Phone 3 is set to Show Enabled
  • True – in Self-service Account Update

...

  •  realm configuration, when Phone 3 is set to Show Enabled

See DirectoryString List below for options

...

Phone 4 (Alternate)Alternate phone number associated with user 
Definition List
LDAP Syntax

...

2.5.5.12 (Directory String)
Multi-valued

...

False

Format Support

...

Plain

...

text
Writable

...

  • True

...

  • – in Account Management

...

  • (Help Desk) realm configuration, when Phone 3 is set to Show Enabled
  • True – in Self-service Account Update

...

  •  realm configuration, when Phone 3 is set to Show Enabled
See DirectoryString List below for options
Email 1 (Work)

Primary email address associated with user; typically a work email

Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

...

False

Format Support

...

Plain

...

text
Writable

...

  • True

...

  • – in Account Management (Help Desk) realm configuration, when Email 1 is set to Show Enabled
  • True – in Self-service Account Update

...

  •  realm configuration, when Email 1 is set to Show Enabled
mail
Email 2 (Personal)

Secondary email address associated with user; typically a personal email

Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

...

False

Format Support

...

Plain

...

text
Writable

...

  • True

...

  • – in Account Management (Help Desk) realm configuration, when Email 2 is set to Show Enabled
  • True – in Self-service Account Update

...

  •  realm configuration, when Email 2 is set to Show Enabled
See DirectoryString List below for options
Email

...

3 (Alternate)Alternate email address associated with user
Definition List
LDAP Syntax

...

2.5.5.12 (Directory String)
Multi-valued

...

False

Format Support

...

Plain

...

text
Writable

...

  • True

...

  • – in Account Management (Help Desk) realm configuration, when Email 3 is set to Show Enabled
  • True – in Self-service Account Update

...

  •  realm configuration, when Email 3 is set to Show Enabled
See DirectoryString List below for options

...

Email 4 (Alternate)Alternate email address associated with user
Definition List
LDAP Syntax

...

2.5.5.12 (Directory String

...

)

...

Multi-valued

...

False

Format SupportPlain text
Writable

...

  • True – in Account Management (Help Desk) realm configuration, when Email 4 is set to Show Enabled
  • True – in Self-service Account Update

...

  • LDAP Syntax: 2.5.5.12 (Directory String)
  • Size (RangeUpper): 32768 Recommended (dependent on number and length of KBQs)
  • Multi-valued: False
Format SupportWritable
Base64 Encoding (based on selection in Multi-Factor Methods tab)True for Account Management Page realm if Show is selected from the Clear KBQ-KBA CheckBox  dropdown on the Help Desk Configuration Page
Encryption (based on selection in Multi-Factor Methods tab)True for Self-service Account Update realm if Show Enabled is selected from the KBQ-KBA dropdown on the Self-service Configuration Page

...

  •  realm configuration, when Email 4 is set to Show Enabled
See DirectoryString List below for options
Aux ID 1 to Aux ID 10

Placeholder properties that can be mapped to any LDAP attribute and extracted for authentication or asserted to resource

Definition List
LDAP SyntaxDepends on LDAP attribute
Format SupportDepends on LDAP attribute
Writable
  • True – in Account Management (Help Desk) realm configuration, when Aux ID # is set to Show Enabled
  • True – in Self-service Account Update realm configuration, when Aux ID # is set to Show Enabled
Appropriate LDAP Attribute
PIN

Static personal identification number (PIN) associated with the user account

Definition List
LDAP Syntax2.5.5.12 (Directory String)
Size (RangeUpper)

...

1024
Multi-valued

...

False

Format

...

Support – Plain text (based on selection in Multi-

...

Factors Methods tab)

...

Writable is True – in Account Management (Help Desk) realm configuration, when PIN is set to Show Enabled

Format Support – standard hash (based on selection in Multi-

...

  • LDAP Syntax, Format Support: Dependent on LDAP Attribute
  • Writable:
    • True for Account Management Page realm if Show Enabled is selected from the Aux 1 - 10 dropdown(s) on the Help Desk Configuration Page
    • True for Self-service Account Update realm if Show Enabled is selected from the Aux 1 - 10 dropdown(s) on the Self-service Configuration Page

...

Factors Methods tab)

Writable is True – in Self-service Account Update realm configuration, when PIN is set to Show Enabled

otherLoginWorkstations
Knowledge-based questions (KBQ)

Knowledge-based questions for the user; for example, what city did you grow up? 

Definition List
LDAP Syntax2.5.5.12 (Directory String)
Size (RangeUpper)32768 recommended; dependent on number and length of KBQs
Multi-valuedFalse

Format Support –  Base64 encoding (based on selection in Multi-Factors Methods tab)

Writable is True – in Account Management (Help Desk) realm configuration, when Clear KBQ-KBA CheckBox is set to Show

Format Support – Encryption (based on selection in Multi-Factors Methods tab)

Writable is True – in Self-service Account Update realm configuration, when KBQ-KBA is set to Show Enabled

houseIdentifier
Knowledge-based answers (KBA)Knowledge-based answers from the user; for example, Irvine
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Size (RangeUpper)4096 recommended; dependent on number and length of KBAs
Multi-valuedFalse

Format Support –  Base64 encoding (based on selection in Multi-Factors Methods tab)

Writable is True – in Account Management (Help Desk) realm configuration, when Clear KBQ-KBA CheckBox is set to Show

Format Support – Encryption (based on selection in Multi-Factors Methods tab)

Writable is True – in Self-service Account Update realm configuration, when KBQ-KBA is set to Show Enabled

homePostalAddress
Cert Serial Number

Certificate generated by SecureAuth IdP and stored in user profile

Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

False

Format SupportPlain text
Writable

True – for all Certificate Enrollment realms

See DirectoryString List below for options
Cert Reset DateCertificate revocation date – certificates delivered before this date are invalidated
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

False

Format SupportPlain text
Writable

True – in Account Management (Help Desk) realm configuration, when Cert Rev Field is set to Show Enabled

See DirectoryString List below for options
Certificate CountNumber of certificates in user profile
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

False

Format SupportPlain text
Writable
  • True – for all Certificate Enrollment realms
  • True – in Account Management (Help Desk) realm configuration, when Cert Count Field is set to Show Enabled
  • True – in Account Management (Help Desk) realm configuration, when Cert Rev Field is set to Show Enabled
See DirectoryString List below for options
Certificate ExpirationDate on which certificate expires for the user
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Size (RangeUpper)1024 recommended
Multi-valued

False

Format SupportPlain text
Writable

True – for all Certificate Enrollment realms (Workflow tab >  Certificate / Token Properties section),  in which Email Notification is set to Enabled

See DirectoryString List below for options
Mobile Reset DateMobile cookie revocation date – cookies delivered before this date are invalidated
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

False

Format SupportPlain text
Writable

True – in Account Management (Help Desk) realm configuration, when Mobile Rev is set to Show

See DirectoryString List below for options
Mobile CountNumber of mobile cookies in the profile associated with the user
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

...

False

Format Support

...

Plain

...

text
Writable

...

  • True for all

...

  • realms (Workflow tab > Device Recognition Method section) in which Integration Method is set to Mobile Enrollment and Validation. 
  • True – in Account Management (Help Desk) realm configuration, when Mobile Rev is set to Show
See DirectoryString List below for options

...

iOS Devices

Unique ID of iOS devices stored for use in Fingerprinting

Definition List
LDAP Syntax

...

2.5.5.12 (Directory String)
Multi-valued

...

False
Format Support

...

Writable:

...

True for all Certificate Enrollment realms

...

Plain text
WritableTrue
See DirectoryString List below for options

...

Ext. Sync Pwd DateDate on which

...

Google Apps and LDAP directory passwords synchronize
Definition List
LDAP Syntax

...

2.5.5.12 (Directory String

...

)

...

Multi-valued

...

False
Format Support

...

Plain

...

text
Writable

...

True for realms in which the Sync Password feature has Google Apps Functions enabled, and in which the password synchronizes on a specific date rather then on every login. 
See DirectoryString List below for options

...

Hardware TokenYubiKey information used for multi-factor authentication (MFA)
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

...

False
Format Support

...

Plain

...

text
Writable

...

True for YubiKey provisioning realm 
See DirectoryString List below for options

...

OATH SeedSeed used to generate OATH One-time Passwords (OTPs)
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Size (RangeUpper)4096 (or higher) required
Multi-valued

...

Format Support: Plain Text

...

Writable:

  • True for all realms in which Mobile Enrollment and Validation is selected from the Integration Mode dropdown on the Workflow tab
  • True for Account Management Page realm if Show is selected from the Mobile Rev dropdown on the Help Desk Configuration Page

...

False
Format SupportAdvanced encryption
WritableTrue for OATH provisioning realm 
postalAddress
One Time OATH ListList of valid OATH OTPs to increase security during offset duration
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Multi-valued

...

False
Format Support

...

Plain

...

text
Writable

...

True for all realms (Multi-Factor Methods tab) in which OATH OTPs are set to Enabled for second factor, and realms in which the One Time OATH List feature is enabled

See DirectoryString List below for options

...

Behavior BiometricsBehavior profile used in behavioral biometrics authentication (Authentication API)
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Size (RangeUpper)No limit / undefined
Multi-valued

...

False
Format Support

...

Plain

...

text
Writable

...

  • LDAP Syntax: 2.5.5.12 (Directory String)
  • Multi-valued: False
  • Format Support: Plain Text

  • Writable: True for YubiKey Provisioning realm

...

True

comment
UI Text Box
sizemedium
typenote

** The following table contains distinct LDAP attribute requirements based on the selected Format Support (plain binary vs JSON)

Profile PropertyDefinitionLDAP attribute requirementExample of AD-specific field

Fingerprints ** 

(Plain binary)

Values created from unique characteristics of desktop, browser, or mobile device associated with the user 
Definition List
LDAP Syntax2.5.5.

...

10 (

...

Octet)
Size (RangeUpper)

...

  • 8 kB (or higher) per Fingerprint record required
  • If the Total FP Max Count is set to -1 (no limit), then the upperRange must be unlimited

NOTE: Fingerprint access records max count data is also stored in the Fingerprints Property and increases the size

Multi-valued

...

True
Format Support

...

Plain binary
Writable

...

True

audio

Fingerprints ** 

(JSON)

Values created from unique characteristics of desktop, browser, or mobile device associated with the user 
Definition List
LDAP Syntax2.5.5.12 (Directory String)

...

Format Support: Plain Text

...

Writable: True for all realms in which OATH OTPs are Enabled for second factor (Multi-Factor Methods tab) and in which the One Time OATH List feature is enabled

...

Column
width70%
UI Text Box
typewarning

**The Fingerprints, Push Notification Tokens, OATH Tokens, and Access Histories Properties have distinct LDAP attribute requirements based on the selected Format Support (Plain Binary vs. JSON)**

...

  • Multi-valued: True
  • Writable: True

...

Size (RangeUpper)

No limit / undefined

Multi-valuedTrue
Format SupportJSON
Writable

True

accountNameHistory

Push Notification Tokens **

(Plain binary)

Devices registered to receive push notifications
Definition List
LDAP Syntax2.5.5.10 (Octet)
Size (RangeUpper)4096 (or higher) required
Multi-valuedTrue
Format SupportPlain binary
Writable

True

jpegPhoto

Push Notification Tokens **

(JSON)

Devices registered to receive push notifications
Definition List
LDAP Syntax2.5.5.

...

12 (

...

Directory String)
Size (RangeUpper)

...

  • 8 kB (or higher) per Fingerprint Record Required
  • If the Total FP Max Count is set to -1 (no limit), then the upperRange must be unlimited
  • NOTE: The FP's access records max count data is also stored in the Fingerprints Property and increases the size

...

4096 (or higher) required
Multi-valuedTrue
Format SupportJSON
Writable

True

altSecurityIdentities

OATH Tokens **

(Plain binary)

Devices provisioned to use OATH Tokens for second factor authentication (contains OATH Seed)
Definition List
LDAP Syntax2.5.5.

...

10 (

...

Octet)
Size (RangeUpper)

...

...

4096 (or higher)

...

required
Multi-valued

...

LDAP SyntaxFormat SupportAD-specific Field Example
2.5.5.10 (Octet)Plain BinaryjpegPhoto
2.5.5.12 (Directory String)JSONaltSecurityIdentities

...

True
Format SupportPlain binary
Writable

True

registeredAddress

OATH Tokens **

(JSON and JSON Encrypted)

Devices provisioned to use OATH Tokens for second factor authentication (contains OATH Seed)
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Size (RangeUpper)

...

4096 (or higher)

...

required
Multi-valued

...

...

True

...

Format Support

...

JSON

JSON Encrypted

...

JSON, JSON encrypted
Writable

True

otherIpPhone

Access Histories **

(Plain binary)

IP Address, geo-location, and last access time of user for

...

  • Size (RangeUpper):
    • 1024 (or higher) per Access History Record Required
    • The Access History setting can be configured in the web.config file:

      <add key="AccessHistoryMaxCount" value="5" />

  • Multi-valued: True
  • Writable: True

...

adaptive authentication comparison
Definition List
LDAP Syntax2.5.5.10 (Octet)
Size (RangeUpper)4096 (or higher)

...

Plain Binary

 

...

required
Multi-valuedTrue
Format SupportPlain binary
Writable

True

photo

Access Histories **

(JSON)

IP Address, geo-location, and last access time of user for adaptive authentication comparison
Definition List
LDAP Syntax2.5.5.12 (Directory String)
Size (RangeUpper

...

)4096 (or higher) required
Multi-valued

...

True
Format Support

...

JSON, JSON encrypted
Writable

...

True

...

otherMailbox
warning
UI Text Box
sizemedium
type
note

When running SecureAuth IdP v9.2 with non-MS Microsoft AD servers, be sure to verify the attribute syntax for registeredAddress (Octet) since a different syntax is often specified in OpenLDAP Open LDAP and other LDAP implementations

DirectoryString list  
Anchor
List
List

...

borderColor#116490
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#116490
borderStylesolid
titleDirectoryString List

...

The following list contains AD DirectoryString  (2.5.5.12) options that can be used for the

...

profile properties noted

...

in the above tables. However, any DirectoryString attribute that fulfills

...

other requirements can be

...

used as well

...

  • extensionName
  • facsimileTelephoneNumber
  • info
  • ipPhone
  • otherFacsimileTelephoneNumber

...

...

width33%
  • otherHomePhone
  • otherLoginWorkstations
  • otherMobile
  • otherPager

...

  • otherTelephone
  • pager
  • postOfficeBox
  • street
  • streetAddress

...

titleSecureAuth IdP Profile Property Mapping to LDAP Attributes Helper

The common mappings included in the table below can be used for quick copying and pasting.

...

Common profile property mappings to LDAP attributes

The following table contains common mappings to which you can copy and paste. 

Profile propertyDefinitionMulti-valuedFormat Support

...

WriteableAD-specific

...

fieldActive Directory

...

options
Access HistoriesIP

...

Address, geo-location, and last access time of user for adaptive authentication

...

comparison

...

TruePlain

...

binary or JSON

...

TruephotoextensionName
facsimileTelephoneNumber
info
ipPhone
otherFacsimileTelephoneNumber
otherHomePhone
otherLoginWorkstations
otherMobile
otherPager
OATH Tokens

...

Devices provisioned to use OATH Tokens for

...

second factor authentication (contains OATH

...

Seed)

...

TruePlain

...

binary or JSON

...

TrueregisteredAddressextensionName
facsimileTelephoneNumber
info
ipPhone
otherFacsimileTelephoneNumber
otherHomePhone
otherLoginWorkstations
otherMobile
otherPager
Push Notification Tokens

...

Devices registered to receive

...

push notifications

...

TruePlain

...

binary or JSON

...

TruejpegPhotoextensionName
facsimileTelephoneNumber
info
ipPhone
otherFacsimileTelephoneNumber
otherHomePhone
otherLoginWorkstations
otherMobile
otherPager
FingerprintsValues created from unique characteristics of

...

desktop, browser, or mobile device associated with the user

...

TruePlain

...

binary or JSON

...

TrueaudioextensionName
facsimileTelephoneNumber
info
ipPhone
otherFacsimileTelephoneNumber
otherHomePhone
otherLoginWorkstations
otherMobile
otherPager
OATH SeedSeed used to generate OATH One-

...

time Passwords

...

(OTPs)

...

FalseAdvanced

...

encryptionTrue for OATH

...

provisioning realmpostalAddressextensionName
facsimileTelephoneNumber
info
ipPhone
otherFacsimileTelephoneNumber
otherHomePhone
otherLoginWorkstations
otherMobile
otherPager
Aux ID 2User's ported phone numbersDepends on LDAP attributePlain

...

text
  • True – in Account Management (Help Desk) realm configuration, when Aux ID # is set to Show Enabled
  • True – in Self-service Account Update realm configuration, when Aux ID # is set to Show Enabled
carlicenseextensionName
facsimileTelephoneNumber
info
ipPhone
otherFacsimileTelephoneNumber
otherHomePhone
otherLoginWorkstations
otherMobile
otherPager
Email

...

1 (Work)Primary email address associated with user; typically a work emailFalsePlain text
  • True – in Account Management (Help Desk) realm configuration, when Email 1 is set to Show Enabled
  • True – in Self-service Account Update realm configuration, when Email 1 is set to Show Enabled
mail

extensionName
facsimileTelephoneNumber
info
ipPhone
otherFacsimileTelephoneNumber
otherHomePhone
otherLoginWorkstations
otherMobile
otherPager

Email

...

2 (Personal)Secondary email address associated with user; typically a personal emailFalsePlain text
  • True – in Account Management (Help Desk) realm configuration, when Email 2 is set to Show Enabled
  • True – in Self-service Account Update realm configuration, when Email 2 is set to Show Enabled
otherMailbox

extensionName
facsimileTelephoneNumber
info
ipPhone
otherFacsimileTelephoneNumber
otherHomePhone
otherLoginWorkstations
otherMobile
otherPager

Phone

...

1 (Work)Primary phone number associated with user; typically a work numberFalsePlain text
  • True – in Account Management (Help Desk) realm configuration, when Phone 1 is set to Show Enabled
  • True – in Self-service Account Update realm configuration, when Phone 1 is set to Show Enabled
telephoneNumberextensionName
facsimileTelephoneNumber
info
ipPhone
otherFacsimileTelephoneNumber
otherHomePhone
otherLoginWorkstations
otherMobile
otherPager
Phone 2

...

(Mobile)Secondary phone number associated with user; typically a mobile number

...

FalsePlain

...

text
  • True

...

  • – in Account Management (Help Desk) realm configuration, when Phone 2 is set to Show Enabled
  • True – in Self-service Account Update realm configuration, when Phone 2 is set to Show Enabled
mobileextensionName
facsimileTelephoneNumber
info
ipPhone
otherFacsimileTelephoneNumber
otherHomePhone
otherLoginWorkstations
otherMobile
otherPager
Phone

...

3 (Alternate)Alternate phone number associated with userFalsePlain text
  • True – in Account Management (Help Desk) realm configuration, when Phone 3 is set to Show Enabled
  • True – in Self-service Account Update realm configuration, when Phone 3 is set to Show Enabled
houseidentifierextensionName
facsimileTelephoneNumber
info
ipPhone
otherFacsimileTelephoneNumber
otherHomePhone
otherLoginWorkstations
otherMobile
otherPager

...

 

...