LDAP attributes collection
Use this page to add, modify, or delete the configuration of supported, unsupported, and external LDAP attributes in a federated repositories configuration.
To view this administrative console page:
- In the administrative console, click Security > Global security.
- Under User account repository, select Federated repositories from the Available realm definitions field and click Configure.
To configure for a specific domain in a multiple security domain environment, click Security domains > domain_name. Under Security Attributes, expand User Realm, and click Customize for this domain. Select the Realm type as Federated repositories and then click Configure.
- Under Related items, click Manage repositories.
- Click Add > LDAP repository to specify a new external repository or select an external repository that is preconfigured.
- Under Additional properties, click LDAP attributes.
- To add a new LDAP attribute configuration, click Add and select Supported, Unsupported, or External.
- To modify an existing configuration, click the Name/Property Name link and modify the details in the panel that appears.
- To delete an existing configuration, select the checkbox for the Name/Property Name and click Delete.
When we finish adding or updating your federated repository configuration, go to the Security > Global security panel and click Apply to validate the changes.
Supported
Configuration for supported LDAP attributes.
- Name
- Name of the LDAP attribute used in the repository LDAP adapter.
- Property name
- Name of the corresponding federated repository property.
- Syntax
- Syntax of the LDAP attribute. The default is string. For example, the syntax of the unicodePwd LDAP attribute is octetString.
- Entity types
- Entity type that applies the attribute mapping.
- Default value
- Default value of the LDAP attribute.
- Default attribute
- Default attribute of the LDAP attribute.
Unsupported
Configuration for a federated repository property that the LDAP repository does not support.
- Property name
- Name of the federated repository property.
- Entity types
- One or more entity types. Use the semicolon (;) as the delimiter to specify multiple entity types.
External
Configuration for an LDAP attribute used as an external ID in the specified LDAP repository.
- Name
- Name of the external ID attribute of the LDAP repository.
- Syntax
- Syntax of the LDAP attribute. The default is string. For example, the syntax of the unicodePwd LDAP attribute is octetString.
- Entity types
- One or more entity types. Use the semicolon (;) as the delimiter to specify multiple entity types.
- Generate value
- Specifies whether or not the federated repository should generate the value of the LDAP attribute.