AD Organizational identity feed

AD Organizational identity feed provides capability for creating users based on user records from Active Directory (AD). This feed uses a directory resource as the source for the feed. Information from the AD organizationalPerson objectclass is mapped to the inetOrgPerson schema. This identity feed loads all user objects under a specified base.

AD Organizational service type

When we create a service instance for this identity feed, the following information is required:

• URL used to connect to the directory resource
• User ID and password to gain access to the resource
• Naming context, which is the search base in LDAP terminology, and defines where in the directory tree to begin the search
• Name attribute, which must be selected from the values provided

After creation, this service is set to reconcile a specific branch of the directory.

Customized attribute mapping

The Attribute Mapping file name option provides a way to customize the mapping of LDAP attributes to IBM Security Identity Manager attributes.

The format of the attribute mapping file is feedAttrName=itimAttrName. Lines that begin with a number sign (#) or semicolon (;) are interpreted as comments.

The attribute mapping file completely overrides the default mappings. All attributes that are needed from the feed source must be included in the mapping file. These attributes must be included in the mapping file:

• Attributes that are specified as required in the person profile form
• Attributes that are specified as required in the LDAP schema for the target person profile

If an attribute from the feed source is not included in the attribute mapping file, the value is not set on ISIM attribute. The following example shows that six attributes are mapped. All other LDAP attributes are ignored.

#feedAttrName=itimAttrName
cn=cn
sn=sn
title=title
telephonenumber=mobile
mail=mail
description=description

UTF-8 encoding in an identity feed file

Your identity feed file must be in UTF-8 format. We must use an editor that supports UTF-8 encoding.

• Windows

  The following are UTF-8 capable: Microsoft Word 97 or later, or the Notepad editor that is included with the Windows 2003 Server or Windows XP operating systems.

  To save a file in UTF-8 format using Notepad, click File > Save As. Then, expand the list of choices for the Encoding field and select UTF-8.

• Linux

  The Vim text editor (a version of the classic vi editor) is UTF-8 capable. To work with files in UTF-8 format using the Vim text editor, specify the following.

  :set encoding=utf-8
  :set guifont=-misc-fixed-medium-r-normal--18-120-100-100-c-90-iso10646-1
  

  If your version of UNIX does not include this text editor, access this Web site.

  http://www.vim.org For the 7-bit ASCII code subset, the UTF-8 encoded Unicode format is identical to 7-bit ASCII format. For input files that contain 7-bit ASCII (ASCII character values between hex 20 to hex 7e), we can use a normal text editor to create the file. For files containing any other character values (including extended European characters), we must save the file in UTF-8 format.

  For an exact list of the 7-bit ASCII characters as supported by UTF-8, access this Web site and click the Basic Latin link in the first column.

  http://www.unicode.org/chartsParent topic: Identity feed management