2014.2.25

Information sent from the Active Directory Server to OneLogin

The AD Connector installed on the Active Directory Server sends OneLogin the information required for authentication. The stored information can be extended through administrator settings.

Information sent from Active Directory and received and stored by OneLogin

The following items are stored in OneLogin.

----
First Name, Last Name, Email, MemberOf, ObjectGUID, MemberOf (DistinguishedNames), UPN, sAMAccountName
---- 8 items in total

Information sent from Active Directory for which storage in OneLogin is optional

The following are items that the administrator can choose to store in OneLogin.

----
accountExpires
accountNameHistory
aCSPolicyName
adminCount
adminDescription
adminDisplayName
allowedAttributes
allowedAttributesEffective
allowedChildClasses
allowedChildClassesEffective
altSecurityIdentities
assistant
attributeCertificateAttribute
audio
badPasswordTime
badPwdCount
bridgeheadServerListBL
businessCategory
c
canonicalName
carLicense
cn
co
codePage
comment
company
controlAccessRights
countryCode
createTimeStamp
dBCSPwd
defaultClassStore
department
departmentNumber
description
desktopProfile
destinationIndicator
directReports
displayName
displayNamePrintable
distinguishedName
division
dSASignature
dSCorePropagationData
dynamicLDAPServer
employeeID
employeeNumber
employeeType
extensionName
facsimileTelephoneNumber
flags
fromEntry
frsComputerReferenceBL
fRSMemberReferenceBL
fSMORoleOwner
garbageCollPeriod
gecos
generationQualifier
gidNumber
givenName
groupMembershipSAM
groupPriority
groupsToIgnore
homeDirectory
homeDrive
homePhone
homePostalAddress
houseIdentifier
info
initials
instanceType
internationalISDNNumber
ipPhone
isCriticalSystemObject
isDeleted
isPrivilegeHolder
jpegPhoto
l
labeledURI
lastKnownParent
lastLogoff
lastLogon
lastLogonTimestamp
legacyExchangeDN
lmPwdHistory
localeID
lockoutTime
loginShell
logonCount
logonHours
logonWorkstation
mail
managedObjects
manager
masteredBy
maxStorage
memberOf
mhsORAddress
middleName
mobile
modifyTimeStamp
msCOM-PartitionSetLink
msCOM-UserLink
msCOM-UserPartitionSetLink
msDFSR-ComputerReferenceBL
msDFSR-MemberReferenceBL
msDRM-IdentityCertificate
msDS-AllowedToDelegateTo
msDS-Approx-Immed-Subordinates
msDS-AuthenticatedAtDC
msDS-AuthenticatedToAccountlist
msDS-Cached-Membership
msDS-Cached-Membership-Time-Stamp
mS-DS-ConsistencyChildCount
mS-DS-ConsistencyGuid
mS-DS-CreatorSID
msDS-FailedInteractiveLogonCount
msDS-FailedInteractiveLogonCountAtLastSuccessfulLogon
msDS-HABSeniorityIndex
msDS-IsDomainFor
msDS-IsFullReplicaFor
msDS-IsPartialReplicaFor
msDS-KeyVersionNumber
msDS-KrbTgtLinkBl
msDS-LastFailedInteractiveLogonTime
msDS-LastSuccessfulInteractiveLogonTime
msDs-masteredBy
msDS-MembersForAzRoleBL
msDS-NCReplCursors
msDS-NCReplInboundNeighbors
msDS-NCReplOutboundNeighbors
msDS-NC-RO-Replica-Locations-BL
msDS-NcType
msDS-NonMembersBL
msDS-ObjectReferenceBL
msDS-OperationsForAzRoleBL
msDS-OperationsForAzTaskBL
msDS-PhoneticCompanyName
msDS-PhoneticDepartment
msDS-PhoneticDisplayName
msDS-PhoneticFirstName
msDS-PhoneticLastName
msDS-PrincipalName
msDS-PSOApplied
msDS-ReplAttributeMetaData
msDS-ReplValueMetaData
msDS-ResultantPSO
msDS-RevealedDSAs
msDS-RevealedListBL
msDS-SecondaryKrbTgtNumber
msDS-Site-Affinity
msDS-SourceObjectDN
msDS-SupportedEncryptionTypes
msDS-TasksForAzRoleBL
msDS-TasksForAzTaskBL
msDS-User-Account-Control-Computed
msDS-UserPasswordExpiryTimeComputed
msExchAssistantName
msExchHouseIdentifier
msExchLabeledURI
msIIS-FTPDir
msIIS-FTPRoot
mSMQDigests
mSMQDigestsMig
mSMQSignCertificates
mSMQSignCertificatesMig
msNPAllowDialin
msNPCallingStationID
msNPSavedCallingStationID
msPKIAccountCredentials
msPKIDPAPIMasterKeys
msPKIRoamingTimeStamp
msRADIUSCallbackNumber
msRADIUS-FramedInterfaceId
msRADIUSFramedIPAddress
msRADIUS-FramedIpv6Prefix
msRADIUS-FramedIpv6Route
msRADIUSFramedRoute
msRADIUS-SavedFramedInterfaceId
msRADIUS-SavedFramedIpv6Prefix
msRADIUS-SavedFramedIpv6Route
msRADIUSServiceType
msRASSavedCallbackNumber
msRASSavedFramedIPAddress
msRASSavedFramedRoute
msSFU30Name
msSFU30NisDomain
msSFU30PosixMemberOf
msTSAllowLogon
msTSBrokenConnectionAction
msTSConnectClientDrives
msTSConnectPrinterDrives
msTSDefaultToMainPrinter
msTSExpireDate
msTSExpireDate2
msTSExpireDate3
msTSExpireDate4
msTSHomeDirectory
msTSHomeDrive
msTSInitialProgram
msTSLicenseVersion
msTSLicenseVersion2
msTSLicenseVersion3
msTSLicenseVersion4
msTSLSProperty01
msTSLSProperty02
msTSManagingLS
msTSManagingLS2
msTSManagingLS3
msTSManagingLS4
msTSMaxConnectionTime
msTSMaxDisconnectionTime
msTSMaxIdleTime
msTSProfilePath
msTSProperty01
msTSProperty02
msTSReconnectionAction
msTSRemoteControl
msTSWorkDirectory
name
netbootSCPBL
networkAddress
nonSecurityMemberBL
ntPwdHistory
nTSecurityDescriptor
o
objectCategory
objectClass
objectGUID
objectSid
objectVersion
operatorCount
otherFacsimileTelephoneNumber
otherHomePhone
otherIpPhone
otherLoginWorkstations
otherMailbox
otherMobile
otherPager
otherTelephone
otherWellKnownObjects
ou
ownerBL
pager
partialAttributeDeletionList
partialAttributeSet
personalTitle
photo
physicalDeliveryOfficeName
possibleInferiors
postalAddress
postalCode
postOfficeBox
preferredDeliveryMethod
preferredLanguage
preferredOU
primaryGroupID
primaryInternationalISDNNumber
primaryTelexNumber
profilePath
proxiedObjectName
proxyAddresses
pwdLastSet
queryPolicyBL
registeredAddress
replPropertyMetaData
replUpToDateVector
repsFrom
repsTo
revision
rid
roomNumber
sAMAccountName
sAMAccountType
scriptPath
sDRightsEffective
secretary
securityIdentifier
seeAlso
serialNumber
serverReferenceBL
servicePrincipalName
shadowExpire
shadowFlag
shadowInactive
shadowLastChange
shadowMax
shadowMin
shadowWarning
showInAddressBook
showInAdvancedViewOnly
sIDHistory
siteObjectBL
sn
st
street
streetAddress
structuralObjectClass
subRefs
subSchemaSubEntry
supplementalCredentials
systemFlags
telephoneNumber
teletexTerminalIdentifier
telexNumber
terminalServer
textEncodedORAddress
thumbnailLogo
thumbnailPhoto
title
tokenGroups
tokenGroupsGlobalAndUniversal
tokenGroupsNoGCAcceptable
uid
uidNumber
unicodePwd
unixHomeDirectory
unixUserPassword
url
userAccountControl
userCert
userCertificate
userParameters
userPassword
userPKCS12
userPrincipalName
userSharedFolder
userSharedFolderOther
userSMIMECertificate
userWorkstations
uSNChanged
uSNCreated
uSNDSALastObjRemoved
USNIntersite
uSNLastObjRem
uSNSource
wbemPath
wellKnownObjects
whenChanged
whenCreated
wWWHomePage
x121Address
x500uniqueIdentifier
---- 342 items in total

[Result]

Passwords of AD domain users (including encrypted or hashed data) are not sent from the Active Directory Server to OneLogin.

ペンティオ株式会社 (Pentio) http://www.pentio.com