skip to main content
Infrastructure Division of Information Technology

Directory Services Attribute

Scoped NetID (userPrincipalName)

Attribute details

LDAP userPrincipalName attribute properties, usage and population rules
Definition: This can be thought of as the account login scoped to the Identity Provider. For everyone in the directory, it is 'NetID@tamu.edu'.

NetIDs are human-friendly identifiers selected by the account holder. NetIDs are revokable (account holders are allowed to switch to a different NetID) and reassignable (6 months after the NetID is released by an account holder, it may be claimed by a different account holder).
Attribute Name: 'userPrincipalName'
OID: 1.2.840.113556.1.4.656
URN: urn:oid:1.2.840.113556.1.4.656
Multiple Values: Single-valued
Format: case-insensitive Unicode String (equivalent to Directory String)

The values consist of a left and right component separated by an "@" sign. The left component is the entry's NetID value. The right component identifies the domain or scope. For all entries in the Texas A&M NetID Identity Management System this is "tamu.edu".
Search Syntax: fATTINDEX
Controlled Vocabulary: not applicable
Source: Defined by account holder in NetID Activation application.
Modifiable by account holder in NetID Change application.

Directory-specific details

LDAP userPrincipalName attribute properties that are dependent on directory branch or object class configuration
  AUTH Directory
People Branch
Azure Directory
People Branch
Directory URL: auth.tamu.edu tamucs.onmicrosoft.com/tamu.edu
Object Class: Active Directory Lightweight Directory Services Schema Active Directory Lightweight Directory Services Schema
Required: yes yes
Indexing: Presence (pres): Improves searches for entries that contain the indexed attribute.
Equality (eq): Improves searches for entries that contain an attribute that is set to a specific value.
Presence (pres): Improves searches for entries that contain the indexed attribute.
Equality (eq): Improves searches for entries that contain an attribute that is set to a specific value.
Access: Authenticated accounts have read access. Authenticated accounts have read access.
Usage: Login to computing resources across campus. Login to computing resources across campus.
Example(s): joe-college@tamu.edu joe-college@tamu.edu