Rublon reads different attributes from Active Directory. All connectors, as well as Rublon API, need cn and mail. In addition to that, depending on your integration and the connector you use, Rublon may need to read other attributes.
Remote Desktop Services
If the ShouldTryToGetPhoneFromAD value in your Rublon for Windows Logon & RDP configuration is set to 1, Rublon for Windows pulls the user’s phone number from Active Directory and sends it to the Rublon API.
In the case of the following connectors:
Next to the username and email address, Rublon also reads the userPrincipalName to identify the user.
Cloud Apps via SAML
In the case of integrations done via Rublon Access Gateway using the SAML 2.0 protocol, Rublon retrieves attributes and prints them in the Users table.
To perform SAML transactions with the service provider, the Rublon Access Gateway reads the attributes defined by the administrator in the Authentication Source tab. These attributes are usually cn, mail, and sAMAccountName. An administrator can configure the Rublon Access Gateway to additionally retrieve some other attributes if necessary, e.g., integration with ParkMyCloud also requires sn and givenName attributes, and so on.
VPNs via RADIUS
In the case of integrations done via Rublon Authentication Proxy using the RADIUS protocol, Rublon needs username_attribute and email_attribute. You can configure username_attribute and email_attribute to retrieve different Active Directory attributes from the default ones. Still, the default corresponding attributes are presented in the following table.
Rublon Authentication Proxy Configuration Option | Corresponding Active Directory Attribute (By Default) |
username_attribute | sAMAccountName |
email_attribute |
In addition to that, Rublon reads the memberOf attribute to check security_group_dn.
Helpful Links
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article