LDAP groups are synchronized like employees directly from Active Directory. Other then employees, you can’t add additional groups – this module of the database totally depends on Active Directory.

Groups are available to be references from e.g. the owner matrix, they also allow some insight to which employees are members of a certain group.

The main reason they are accessible at all is to have the chance to document them somehow and add notes / tags to them. On top you can engage checklists for those groups as well. Similar to employees there is a script-control button there as well in order to create a new group directly via a script from the database. Look at the example/explanation at the employees page for more details.

Data field and reference overview

Almost all those fields are synchronized from Active Directory and are read-only.

  • name, displayname
  • cn, sAMAccountNAme, objectSID
  • distinguishedName
  • mail, proxyAddresses, aka. SMTP addresses
  • groupType
  • managedBy
  • description, info
  • whenCreated, whenChanged
  • RemovedDate – this is set once the group is detected as removed by the LDAP sync
  • Notes, Checklists and Tags
  • References to the Owner Matrix
  • Members
    • Users
    • Computers
    • Groups
    • Other