Linking AD attributes to Security Center fields - Security Center 5.11

Security Center Administrator Guide 5.11

Security Center
Content type
Guides > Administrator guides
Last updated

You can change or add to the AD attributes mapped by default to Security Center fields from the Links page of the Active Directory role.

Before you begin

What you should know

  • You can import additional AD attributes to any synchronized entity type by mapping them to custom fields.
  • You can only override the default mapping of Cardholder and Credential fields.
  • No more than 32 custom fields can be mapped to the AD.


  1. From the Links page of the Active Directory role, under the section corresponding to the entity type you want to import, click Add an item ().
    The Links page is divided into three sections, Users, Cardholders, and Credentials.
  2. In the Link properties dialog box, select the Field name and the Active Directory attribute you want to synchronize, and then click OK.
    Only fields corresponding to the selected entity type, both standard and custom, are listed. If you know the name of the AD attribute you want to map, you can enter it directly.
    IMPORTANT: The data type of the Security Center field must match that of the AD attribute: text with text, decimal with decimal, date with date, etc. The Security Center image data type must be mapped to the AD binary data type, and the mapped AD attribute must contain a valid JPEG image.

    The mapped custom fields are displayed in the Links page.

  3. Repeat the previous steps as needed.
  4. If you are synchronizing cardholders and want to upload cardholder pictures from Security Center to the AD, set Upload pictures to Active Directory to ON.
    NOTE: The cardholder picture field can be mapped to any AD binary attribute if you just want to import them from the AD. But if you want to upload the cardholder pictures from Security Center to the AD, then you must map it to the AD attribute thumbnailPhoto. For more information, see Assigning pictures to imported cardholders.
  5. Click Apply.


When you synchronize with the AD, they are read-only.