Expands the user object to add relevant data that comes from various Identity Providers or Directories while keep relevance with LDAP and MITRE D3FEND.
Add Observable type_id 31-35 for User UID, Group Name, Group UID, Account Name, Account UID
Add phone_number to user and to ldap_person - this attribute can be assigned to both or one or the other depending on the upstream system. For instance Entra ID or Okta
Add state_id and state to user to represent the various states of a user record in a directory or IDP such as their provisioning status, (de)activation. This is 1:1 with Okta with an extra Deleted enum added for Google Workspace Removed as #1136 already has a solution
Add has_mfa Boolean to Dictionary and user object as a quick way to tell if a user has MFA/2FA enabled/assigned to them
Expands the
user
object to add relevant data that comes from various Identity Providers or Directories while keep relevance with LDAP and MITRE D3FEND.type_id
31-35 for User UID, Group Name, Group UID, Account Name, Account UIDphone_number
touser
and toldap_person
- this attribute can be assigned to both or one or the other depending on the upstream system. For instance Entra ID or OktaAddRemoved as #1136 already has a solutionstate_id
andstate
touser
to represent the various states of a user record in a directory or IDP such as their provisioning status, (de)activation. This is 1:1 with Okta with an extraDeleted
enum added for Google Workspacehas_mfa
Boolean to Dictionary anduser
object as a quick way to tell if auser
has MFA/2FA enabled/assigned to them