Connector Xpress supports multi-attribute (many-to-one) mappings, which means you can map a native attribute to multiple provisioning attributes. The LDAP DYN template contains an example of multi-attribute mapping. In the template, the account class has both Common Name and Account ID mapped to the endpoint's cn attribute. This is useful because the Common Name is a common LDAP attribute that you should include in the account object and Account ID is the provisioning naming attribute required by the CA IdentityMinder common attribute set.
Also, the Account ID and uid are both ambiguously mapped to the endpoint's uid attribute in the template.
Duplicate mappings to a native attribute within the same class are not allowed. For example, if cn is mapped you cannot map cn again. However you can map cn again as part of an ambiguous mapping. For example, together with uid as shown in the LDAP DYN template.
Note the multi-mapping of accountname, cn, uid, and a separate mapping directly to cn is required to fully manage JNDI endpoints. This allows either cn or uid to be used in the naming attribute, and satisfies the condition where cn is also required on an endpoint even when uid is used as the naming attribute.
Copyright © 2014 CA.
All rights reserved.
|
|