Correlate ADS Extended Attributes
Extended Active Directory schema attributes that are set for a particular account are stored together with their values in the account's attribute called 'eTADSpayload' (user-friendly name 'payload') in the following format:
<extendedAttributeName1>:<reservedValue>:<valueLength>=<value>;<extendedAttributeName2>:<valueN>
Note: <reservedValue> is a value reserved for future use. It is currently always set to 01.
Attribute mapping can be set from the managed ADS endpoint by specifying a mapping function substring with an offset and length. For more detailed information, see the section Explore and Correlate Parameters in the Administrator Guide.
GUAttrName[=Endpoint Type:AccountAttrName[:Offset,Length]]
The following is an example of mapping the extended attributes to a global user's custom attributes:
eTADSpayload extendedAttribute1:01:0006=value1;extendedAttribute2:01:0007=value10;extendedAttribute2:01:0008=value100 eTCustomField01=eTADSpayload:SUB(28,6) eTCustomField02=eTADSpayload:SUB(62,7) eTCustomField03=eTADSpayload:SUB(97,8)
We can see that the attribute mapping mechanism is using substring (SUB) and specifying the offset and the length of the value.
Important! The mapping extended ADS attributes mechanism has limited functionality and is not intended to support the full functionality of built-in ADS attributes. The mechanism assumes that all of the following conditions are true:
|
Copyright © 2013 CA.
All rights reserved.
|
|