User account data model

Support

Support for business applications

Kaspersky Unified Monitoring and Analysis Platform

Appendices

User account data model

April 8, 2024

ID 234819

Get as PDF

User account fields can be addressed from email templates and during event correlation.

Field	Value type	Description
`ID`	String	User account ID.
`ObjectGUID`	String	Active Directory attribute. User account ID in Active Directory.
`TenantID`	String	Tenant ID.
`TenantName`	String	Tenant name.
`UpdatedAt`	Number	Last update of user account.
`Domain`	String	Domain.
`CN`	String	Active Directory attribute. User name.
`displayName`	String	Active Directory attribute. Displayed user name.
`DistinguishedName`	String	Active Directory attribute. LDAP object name.
`employeeID`	String	Active Directory attribute. Employee ID.
`Mail`	String	Active Directory attribute. User email address.
`mailNickname`	String	Active Directory attribute. Alternate email address.
`Mobile`	String	Active Directory attribute. Mobile phone number.
`ObjectSID`	String	Active Directory attribute. Security ID.
`SAMAccountName`	String	Active Directory attribute. Login.
`TelephoneNumber`	String	Active Directory attribute. Phone number.
`UserPrincipalName`	String	Active Directory attribute. User principal name (UPN).
`Archived`	`TRUE/FALSE` string	Indicator that determines whether a user account is obsolete.
`MemberOf`	List of strings	Active Directory attribute. AD groups joined by the user. This attribute can be used for an event search during correlation.
`PreliminarilyArchived`	`TRUE/FALSE` string	Indicator that determines whether a user account should be designated as obsolete.
`CreatedAt`	Number	User account creation date.
`SN`	String	Active Directory attribute. Last name of the user.
`SAMAccountType`	String	Active Directory attribute. User account type.
`Title`	String	Active Directory attribute. Job title of the user.
`Division`	String	Active Directory attribute. User's department.
`Department`	String	Active Directory attribute. User's division.
`Manager`	String	Active Directory attribute. User's supervisor.
`Location`	String	Active Directory attribute. User's location.
`Company`	String	Active Directory attribute. User's company.
`StreetAddress`	String	Active Directory attribute. Company address.
`PhysicalDeliveryOfficeName`	String	Active Directory attribute. Delivery address.
`managedObjects`	List of strings	Active Directory attribute. Objects under control of the user.
`UserAccountControl`	Number	Active Directory attribute. AD account type.
`WhenCreated`	Number	Active Directory attribute. User account creation date.
`WhenChanged`	Number	Active Directory attribute. User account modification date.
`AccountExpires`	Number	Active Directory attribute. User account expiration date.
`BadPasswordTime`	Number	Active Directory attribute. Date of last unsuccessful login attempt.

Did you find this article helpful?

What can we do better?

Thank you for your feedback! You're helping us improve.