+

Search Tips   |   Advanced Search

Dynamic member attributes collection

Manage LDAP dynamic member attributes.

To view this administrative console page:

  1. In the administrative console, click...

      Security > Global security > User account repository > Available realm definitions > Federated repositories > Configure

    To configure for a specific domain in a multiple security domain environment, click...

  2. To specify a new external repository or select an external repository that is preconfigured...

When we finish adding or updating the federated repository configuration, go to the Security > Global security panel and click Apply to validate the changes.


Name

Name of the attribute that defines the filter for dynamic group members in LDAP. For example, memberURL is the name of a commonly used dynamic member attribute.

If both member and dynamic member attributes are specified for the same group type, this group type is a hybrid group with both static and dynamic members.

A dynamic group defines its members differently than a static group. Instead of listing the members individually, the dynamic group defines its members using an LDAP search. The filter for the search is defined in a dynamic member attribute. For example, the dynamic group uses the structural objectclass groupOfURLs, or auxiliary objectclass ibm-dynamicGroup, and the attribute memberURL, to define the search using a simplified LDAP URL syntax:

The following is an example of the LDAP URL that defines all entries that are under o=Acme with the objectclass=person:


Object class

Object class of the group containing this dynamic member attribute, for example, groupOfURLs. If this property is not defined, the dynamic member attribute applies to all group object classes.

  • Configure dynamic member attributes in a federated repository configuration
  • Dynamic member attributes settings