How to fetch mail attribute from AD while sponsor lookup during guest self-registration.

By esupport posted Aug 31, 2015 05:38 AM


To fetch the email address of the sponsor using sponsor_lookup field from Active directory.


By default, the display attribute mapping in the ClearPass Guest --> Administration --> Operator Logins --> Servers, fetches the value of 'userprincipalname'(user logon name) attribute of the sponsor from the Domain controller. In many cases, this attribute value will not be a valid email address which may be of the form -

The attribute 'mail' will hold the actual email address of the users which may be of the form - 

To fetch the value of mail attribute, we can comment userprincipalname=desc in the Operator Servers --> display attribute mapping and add the attribute mapping : mail=desc 




To check the default filters, login to ClearPass Guest and navigate to Administration --> Operator Logins --> Servers --> Edit the Operator Server --> Display attributes under user search as shown below:







I have created a test user in the domain controller with firstname = test and lastname = user as shown below:



With default display attributes in the Operator servers, it will fetch the userprincipalname of the test user as shown below:

Default display attributes in operator server:

#sAMAccountName = id
displayName = text
# title = desc
userPrincipalName = desc

We can comment userprincipalname attribute and add the attribute mail as shown below. It will fetch the value of mail attribute of the user in the active direectory

#sAMAccountName = id
displayName = text
# title = desc
#userPrincipalName = desc








1 view