The Map Class and Attributes Containers dialog lets you specify the objectclasses that can act as containers for accounts and groups, and their naming attributes.
By default Connector Xpress populates the Object Class list with the following entries which are the containers for inetOrgPerson and groupOfNames in the inetOrg schema, which are common account and group choices:
Note: The attributes displayed for inetOrgPerson account objects do not have a direct relation to the corresponding container. Although ideally they would match, however there is no guarantee that match do for any given account object.
This dialog contains the following fields:
Defines the name of the class you are mapping.
Limits: Must begin with a letter.
Describes the class you are mapping.
If unchecked, marks this class as mapped only for the purpose of establishing associations. As a result, Connector Xpress only maps its name and type. Instances of an unmanaged class can be listed and associated with other objects, but cannot be created, edited or deleted.
For compound classes, Connector Xpress selects this field by default, and cannot be cleared.
Specifies the classes that can be children of this container. For example, you can specify that the container Employee Groups can only allow Staff Group and Executive Group classes and not an individual Account Class.
Specifies all native LDAP object classes and displays the attributes in the attributes table.
You must associate every class mapping that you create with at least one structural class.
Specifies any existing auxiliary classes of the structural class you selected and displays the attributes from other auxiliary LDAP classes in the attributes table.
Displays the selected object classes for this provisioning class mapping.
Displays whether the native object class is structural or auxiliary.
Displays the inheritance hierarchy of this native object class.
Removes the selected object class.
Displays an overview of the attribute mappings you have selected.
Note: This table does not show the full set of mapping options. For rarely used options, expand the class node to display individual attribute detail nodes.
Displays the name of the native attribute.
Bold entries indicate mandatory entries that you must map at least once per class.
The naming attribute of the class in question is displayed in bold.
Default: String for JNDI. You can change the default if necessary.
Lists the provisioning attributes you can map to the native attribute.
Indicate that the attribute has already been mapped. For JNDI, these attributes can be mapped again.
Indicate mandatory entries that you must map at least once per class.
Indicate that the attribute is given a default name based on its native attribute name. You can modify this attribute in the Provisioning Attribute Details dialog.
Lets you remove a mapping.
Note: For account classes, this list also displays the list of well-known attributes.
Default: String for JNDI. You can change the default if necessary.
Important! The data model type is important because it drives data validation and conversion in clients and the CA IAM CS. The following types match syntaxes defined as part of the XML schema (XSD) specification. You can find information about the XML schema definition at the following website:
Defines an attribute whose value is arbitrary binary data.
Specifies logically true or false in XML, but represented by the Provisioning Server and JIAM APIs as 1 or 0 in LDAP attribute values.
Specifies a date.
Example: 1999-05-31
Note: The Dynamic Namespace plug-in to Provisioning Manager supports the years from 1800 through 9999. Other components of the solution impose no such restrictions and can represent virtually any year in recorded history.
Specifies a particular time on a particular day.
Example: 1999-05-31T13:20:00
Note: The Dynamic Namespace plug-in to Provisioning Manager supports the years from 1970 through 2036, so you must use Date to represent days falling outside of this range.
Note: Vendor differences complicate how Connector Xpress handles time-related columns. For example, MSSQL “DATETIME” signifies a DateTime value whereas other vendors use the standard “TIMESTAMP”, and MSSQL TIMESTAMPs are automatically generated binary values. Also, Oracle does not support a “TIME” type and its “DATE” type is also effectively a TIMESTAMP. Therefore, to remain vendor-neutral, Connector Xpress allows you to map to any of Date/DateTime/Time whenever it makes sense for you to do so.
Specifies a double-precision 64-bit floating-point value.
Specifies an attribute with a fixed list of enumerated values.
Specifies a distinguished name string format.
For example, "cn=Bob,ou=Sales,o=ExampleCorp". The connector enforces this.
Specifies an email address string format.
Specifies that quotes are removed from attribute values.
Specifies a single-precision 32-bit floating-point number.
Specifies a 32-bit value between -2147483648 and 2147483647.
Specifies a 64-bit value from 9223372036854775808 through 9223372036854775807.
Specifies an unrestricted field.
Specifies an offset of between 0 seconds and 23:59:59.
Example: 13:20:00
If selected, specifies that this attribute is multi-valued.
Note: If the native attribute is multi-valued, Connector Xpress automatically selects this check box. If the native attribute is single-valued, this option is cleared and read-only.
Displays an extended set of metadata properties. These fields are displayed when you select the Show extended set of metadata properties on the Connector Xpress Preferences dialog.
Note: For more information, see Extended Metadata Properties.
|
Copyright © 2013 CA.
All rights reserved.
|
|