Agent for SharePoint Guide › Configure Your CA SiteMinder® Policy Server › Configure your Policy Server › Create Virtual Attribute Mappings for your User Claim

Create Virtual Attribute Mappings for your User Claim

Integration with SharePoint requires at least one claim that contains an identifier that uniquely identifies the user. These claims often appear in the people picker as cryptic values, such as the following example:

uid=e123456

Such claims are difficult to associate with the intended user. The Agent for SharePoint uses a special attribute mapping which retrieves the display name of the user. This user name appears next to the related identifier claim in the people picker. After this user mapping is configured, the previous example appears in the people picker like the following one:

uid=e123456 associated_user_name

To create a virtual attribute mapping for your user claim, select the procedure corresponding to your type of directory server from the following list:

• Create an attribute mapping for user claims in LDAP directories.
• Create an attribute mapping for user claims in Active Directory servers.
• Create attribute mappings for user claims in an ODBC directory.

Create an Attribute Mapping for User Claims in an LDAP Directory

The CA SiteMinder® Agent for SharePoint requires an attribute mapping that is based on an attribute with a unique value for each user. Use the Administrative UI to create a pair of attribute mappings that defines how CA SiteMinder® searches for user claims through the SharePoint people picker.

Follow these steps:

1. Log on to the CA SiteMinder® Administrative UI.
2. Click Infrastructure, Directory, User Directory.

   A list of user directory connections appears.

3. Click the name of the user directory that you want to modify.

   The View User Directory screen appears. All fields and controls are inactive.

4. Scroll to the bottom of the page and click Modify.

   The Modify User Directory page appears. All fields and controls are active.

5. In the Attribute Mapping List section, click Create.

   The create attribute mapping page appears.

6. Verify that the Create a new object of type Attribute Mapping option button is selected, and then click OK.
7. Click the name field, and enter the following name:

   useridentifier
   

8. Verify that the Alias option button is selected, and then click the Definition field.
9. Enter the following definition:

   uid
   

10. Click OK.

    The Modify User directory page appears.

11. To create the second mapping, repeat Steps 4 through 5.
12. Click the name field, and then enter the following name:

    smuserdisplayname
    

13. Verify that the Alias option button is selected, and then click the Definition field.
14. Enter the following definition:

    displayName
    

15. Click OK.

    The Modify User directory page appears.

16. Click Submit.

    The attribute mappings are created.

Create Attribute Mappings for User Claims in a Microsoft Active Directory Server

The CA SiteMinder® Agent for SharePoint requires an attribute mapping that is based on an attribute with a unique value for each user. Use the Administrative UI to create a pair of attribute mappings that defines how CA SiteMinder® searches for user claims through the SharePoint people picker.

Follow these steps:

1. Log on to the CA SiteMinder® Administrative UI.
2. Click Infrastructure, Directory, User Directory.

   A list of user directory connections appears.

3. Click the name of the user directory that you want to modify.

   The View User Directory screen appears. All fields and controls are inactive.

4. Scroll to the bottom of the page and click Modify.

   The Modify User Directory page appears. All fields and controls are active.

5. In the Attribute Mapping List section, click Create.

   The create attribute mapping page appears.

6. Verify that the Create a new object of type Attribute Mapping option button is selected, and then click OK.
7. Click the name field, and enter the following name:

   useridentifier
   

8. Verify that the Alias option button is selected, and then click the Definition field.
9. Enter the following definition:

   sAMAccountName
   

10. Click OK.

    The Modify User directory page appears.

11. To create the second mapping, repeat Steps 4 through 5.
12. Click the name field, and then enter the following name:

    smuserdisplayname
    

13. Verify that the Alias option button is selected, and then click the Definition field.
14. Enter the following definition:

    displayName
    

15. Click OK.

    The Modify User directory page appears.

16. Click Submit.

    The attribute mappings are created.

Create Attribute Mappings for User Claims in an ODBC Directory

The CA SiteMinder® Agent for SharePoint requires attribute mappings that are based on attributes with a unique value for each user. To create three attribute mappings that define how CA SiteMinder® searches for user claims through the SharePoint people picker, use the Administrative UI .

Follow these steps:

1. Log on to the CA SiteMinder® Administrative UI.
2. Click Infrastructure, Directory, User Directory.

   A list of user directory connections appears.

3. Click the name of the user directory that you want to modify.

   The View User Directory screen appears. All fields and controls are inactive.

4. Scroll to the bottom of the page and click Modify.

   The Modify User Directory page appears. All fields and controls are active.

5. To create the first mapping, do the following steps :
   1. In the Attribute Mapping List section, click Create.

      The create attribute mapping page appears.

   2. Verify that the Create a new object of type Attribute Mapping option button is selected, and then click OK.
   3. Click the name field, and enter the following name:

      useridentifier
      

   4. Verify that the Alias option button is selected, and then click the Definition field.
   5. Enter the following definition:

      UserID
      

   6. Click OK.

      The user mapping is created and the Modify User Directory page reappears.

6. To create the second mapping, do the following steps:
   1. In the Attribute Mapping List section, click Create.

      The create attribute mapping page appears.

   2. Verify that the Create a new object of type Attribute Mapping option button is selected, and then click OK.
   3. Click the name field, and enter the following name:

      smuserdisplayname
      

   4. Verify that the Alias option button is selected, and then click the Definition field.
   5. Enter the following definition:

      Name
      

   6. Click OK.

      The user mapping is created and the Modify User Directory page reappears.

7. To create the third mapping, do the following steps:
   1. In the Attribute Mapping List section, click Create.

      The create attribute mapping page appears.

   2. Verify that the Create a new object of type Attribute Mapping option button is selected, and then click OK.
   3. Click the name field, and enter the following name:

      smusergroups
      

   4. Verify that the Alias option button is selected, and then click the Definition field.
   5. Enter the following definition:

      Name
      

   6. Click OK.

      The user mapping is created and the Modify User Directory page reappears.

8. Click Submit.

   The user directory modifications are committed.