Extend the Schema to Include Custom Attributes

When you connect to a CA Top Secret system through CA IAM CS, you can correlate on any of the attributes that are exposed by the connector. If you want to correlate on an attribute that the connector does not expose, you can extend the connector's schema to include up to twenty extra attributes.

To set up these extra attributes:

  1. Create a mapping file that maps each attribute on the endpoint to an attribute in CA IdentityMinder.

    This includes the custom attributes in the Provisioning Server.

  2. Add the custom attributes to a new tab in the User Console.

Create a Mapping File for the Custom Attributes

The mapping file lists the custom attributes.

Note: This section refers to the Provisioning Server installation location as ps_install. By default, ps_install is in the following locations:

Follow these steps:

  1. Create a new directory in ps_install\data, and name the new directory TSS.
  2. Create a text file named schema_map.txt and save it in ps_install\data\TSS.
  3. In the text file, create entries with the format described in Format of the Mapping File for Custom Attributes.
  4. Restart the Provisioning Server service.

The Provisioning Server now includes the custom attributes.

Format of the Mapping File for Custom Attributes

The mapping file contains a list of the custom attributes, each with the following format:

eTTSSCustomAttribute001=attribute1
eTTSSCustomAttribute002=attribute2
…
eTTSSCustomAttribute020=attribute20

In this list, the names on the left are the attributes in CA IdentityMinder and the names on the right are the attributes on the endpoint.

Each custom attribute in CA IdentityMinder is named eTTSSCustomAttributeNNN, where NNN is a number from 001 to 020. You can use these names in any order, but we recommend that you start with eTTSSCustomAttribute001, to avoid confusion.

There must be no spaces before or after each attribute name.

The attribute names are case-sensitive.

On Solaris, make sure the mapping file is world-readable (its permission should be at least 444).
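
The following check is an added example, not part of the CA product or its documentation. It lints the text of a schema_map.txt against the format rules above before you restart the Provisioning Server. The sample entries and endpoint attribute names are constructed, and the handling of empty lines and of a name that is mapped twice is an assumption.

```python
import re

# Left-hand names are case-sensitive: eTTSSCustomAttributeNNN, NNN = 001..020.
NAME_RE = re.compile(r"eTTSSCustomAttribute([0-9]{3})")
NAME_RE_ANYCASE = re.compile(NAME_RE.pattern, re.IGNORECASE)
MAX_NNN = 20

# Constructed sample; the endpoint attribute names on the right are placeholders.
SAMPLE_BAD = "\n".join([
    "eTTSSCustomAttribute001=DEPT",
    "eTTSSCustomAttribute002 = COSTCTR",   # spaces around the names
    "ettsscustomattribute003=SITE",        # wrong case
    "eTTSSCustomAttribute021=BADGE",       # NNN above 020
    "eTTSSCustomAttribute001=OTHER",       # name already used on line 1
])


def lint_schema_map(text):
    """Return (line_number, message) for every entry that breaks the format rules."""
    problems, first_seen = [], {}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        if raw == "":
            continue  # assumption: empty lines are ignored; the page does not say
        left, sep, right = raw.partition("=")
        if not sep:
            problems.append((lineno, "entry has no '='"))
            continue
        if (left, right) != (left.strip(), right.strip()):
            problems.append((lineno, "space before or after an attribute name"))
            left, right = left.strip(), right.strip()
        match = NAME_RE.fullmatch(left)
        if match is None:
            why = "wrong case" if NAME_RE_ANYCASE.fullmatch(left) else "not eTTSSCustomAttributeNNN"
            problems.append((lineno, "bad CA IdentityMinder name: " + why))
            continue
        if not 1 <= int(match.group(1)) <= MAX_NNN:
            problems.append((lineno, "NNN is outside 001-020"))
        if right == "":
            problems.append((lineno, "endpoint attribute name is empty"))
        if left in first_seen:  # assumption: mapping one name twice is a mistake
            problems.append((lineno, "name already mapped on line %d" % first_seen[left]))
        first_seen.setdefault(left, lineno)
    return problems


def mode_is_at_least_444(mode):
    """True when owner, group and other all have read permission (Solaris note)."""
    return mode & 0o444 == 0o444


if __name__ == "__main__":
    for lineno, message in lint_schema_map(SAMPLE_BAD):
        print("line %d: %s" % (lineno, message))
```

To check the Solaris permission on a real file, pass `stat.S_IMODE(os.stat(path).st_mode)` to `mode_is_at_least_444`.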

Add the Custom Attributes to a Tab in the User Console

You can include the custom attributes in a tab in the User Console.

Follow these steps:

  1. Log in to the User Console as a user with administrative rights.
  2. Click the Roles and Tasks tab, then click Admin Tasks, Manage Admin Tasks.
  3. Search for *Top Secret*.
  4. Click on the name of the screen that you want to change, for example Modify CA Top Secret Account.
  5. Select Tabs.
  6. Find Custom Attributes in the table, and click its Edit button.
  7. Select the Browse button beside the Screen field.
  8. Select “Modify CA Top Secret Account – Custom Attributes”. Click Copy.
  9. Give the new screen a unique name by editing the Name and Tag values.
  10. Delete any Custom Attribute fields that should not appear on the final screen.
  11. For each custom attribute, change its name to the actual attribute name on the endpoint:
    1. Click the attribute's Edit icon.
    2. Edit the Name to show the attribute's real name on the endpoint. This will appear on the final screen.
  12. Click OK.
  13. Click Select.
  14. Click OK, then click Submit.

The new tab is now available in the User Console.