Attach Files to AD Objects


Using Adaxes, you can upload the contents of any file into any binary property of an Active Directory object. Adaxes recognizes many well-known data formats like PDF, XLS, DOC, or ZIP and displays them accordingly in the Web Interface. Essentially, this means you can attach files to user accounts, groups, and other AD objects.

So which properties can be used to store files? You can use any available binary property. For example, user objects in the default Active Directory schema have several binary properties like teletexTerminalIdentifier, that are hardly ever used, and can be repurposed to store files. It is also possible to change the property display name to fit the new purpose.

A second option is to create your own binary properties by extending your AD schema. Finally, Adaxes has a set of virtual binary properties (e.g. CustomAttributeBinary1), that are not stored in Active Directory, but can be used to store files just like any other binary property.

In this tutorial you will learn how to attach files to user accounts, view the attached files in the Web Interface, and delegate permissions to modify or remove the attached files.

  1. Add a field to Web Interface forms and views

    The default forms for creating and editing users don't have a field that lets you attach files, so you need to add one. As mentioned before, files can only be uploaded to a field of a binary type. To be able to view and download the attached file, the same field must be added to the view used to display user accounts.

    For details on how to add fields to forms and views, see How to Customize Forms for User Creation and Editing.

  2. Change field display name

    Change the display name of the added field to make it more user-friendly.

    • Launch Adaxes Administration Console.

    • Right-click your Adaxes service and select Property Display Names in the context menu.

    • In the dialog that opens, click Add and type the property name in the drop-down list.

    • Select the property for which you want to specify a display name.

    • Enter the display name in the dialog that opens.

    • To specify a custom display name for a specific object type, click Add type-specific display name.

    • Click OK.

  3. Grant permissions

    Once a binary field is added to the user creation form, anyone who has the rights to create users will be able to upload a file during user creation.

    Attaching a file to an existing object or removing an attached file requires additional permissions. You need to grant the rights to modify the property where the file is stored. For example, uploading files to the CustomAttributeBinary1 property of existing users requires the permissions to modify the CustomAttributeBinary1 property of User objects.

    For step-by-step instructions, see How to Grant Rights to Modify Specific Properties of AD Objects.

Open tutorial filtering

Got questions?
Support Questions & Answers