Problem:

Additional attributes like an employeeNumber for users or the displayName of groups need to be synced by the AD-Connector.

Recommendation

Since UCS 4.4-7 we introduced the localmapping.
To map additional attributes you can define a mapping hook inside the (newly to be created) file /etc/univention/connector/ad/localmapping.py like this:

import univention.connector

def mapping_hook(ad_mapping):
	ad_mapping['user'].post_attributes['employeeNumber'] = \
		univention.connector.attribute(
			ucs_attribute='employeeNumber',
			ldap_attribute='employeeNumber',
			con_attribute='employeeNumber'
		)
	ad_mapping['group'].attributes['displayName'] = \
		univention.connector.attribute(
			ucs_attribute='DisplayName',
			ldap_attribute='displayName',
			con_attribute='displayName'
		)
	return ad_mapping

where the ucs_attribute represents the UDM name and con_attribute the AD name.

Or an other example:

def mapping_hook(ad_mapping):
	ad_mapping['user'].position_mapping=[('ou=is,ou=users,dc=schein,dc=ig', 'OU=Business Units,DC=science,DC=Beispiel,DC=schein,DC=ig')]
	ad_mapping['group'].position_mapping=[('ou=is,ou=groups,dc=schein,dc=ig', 'OU=Business Units,DC=science,DC=Beispiel,DC=schein,DC=ig')]
	ad_mapping['ou'].position_mapping=[('ou=is,ou=users,dc=schein,dc=ig', 'OU=Business Units,DC=science,DC=Beispiel,DC=schein,DC=ig')]
	return ad_mapping

or
Exclude that the attribute “description” ist synced.
cat /etc/univention/connector/ad/localmapping.py

import univention.connector
def mapping_hook(ad_mapping):
    ad_mapping['group'].attributes.pop('description')
    return ad_mapping

Sync HomeDirectory to AD

import univention.connector
def mapping_hook(ad_mapping):
    ad_mapping['user'].post_attributes['homeDirectory'] = \
                univention.connector.attribute(
                        ucs_attribute='sambahome',
                        ldap_attribute='sambaHomePath',
                        con_attribute='homeDirectory'
                )
   return ad_mapping

Further reading

• Install Active Directory Domain Services on Windows Server 2019
• Connect UCS to existing AD Domain
• Manual entry for localmapping.py
• https://git.knut.univention.de/univention/ucs/-/blob/5.0-6/services/univention-ad-connector/modules/univention/connector/ad/mapping.py#L301 → internal use, to get the mapping