Establish Connections to User Directories

CA SiteMinder® Federation Standalone Guide › User Directory Connections for Authentication › Create a Common View of the Same User Information Across Directories › Establish Connections to User Directories

Establish Connections to User Directories

Before you can establish user attribute mappings, establish connections to the user directories that store user records.

LDAP or ODBC are the two types of directories to which the product can connect.

Follow these steps:

Click the User Directory tab.
Click Connect to LDAP or ODBC.
Configure the settings in each section. Required parameters are marked by red dots.
Note: Click Help for a description of fields, controls, and their respective requirements.
Click Failover or Load Balancing if you want to set up either of these features.
Click Test Connection to verify that the connection is valid.
You can click View Contents to list the contents of the user directory.

Note:
- For an LDAP directory connection, the View Contents button is displayed only if the Search Root, Start User DN Lookup, End User DN Lookup, and Universal ID Attribute values are set.
- For an ODBC directory connection, the View Contents button is displayed only if the Universal ID Column value is set.
Click Save.
If your settings are valid, you are redirected to the View User Directories dialog.

The connection to the directory is configured.

Configure User Attribute Mappings

Use one or more of the following mapping types to define attribute mappings:

Alias
Group Name
Mask
Constant
Expression

The following table lists the type of data you can enter in the mapping definition. Define individual mappings for each user directory in your deployment.

Mapping Type	Map Common Name to...	Data Types	Access
Alias	A user attribute name in the directory.	String, Number, Boolean	Read/Write
Group name	An attribute that identifies whether a user belongs to a specific group.	Boolean	Read/Write
Mask	A user attribute that stores a bit pattern.	Boolean	Read/Write
Constant	A value that is the same or constant for every user in a directory.	String, Number, Boolean	Read
Expression	To an expression. For complete syntax information, see the Attributes and Expression Reference appendix in the SiteMinder Policy Server Configuration Guide. This guide is part of the SiteMinder bookshelf.	String, Number, Boolean	Read

The configuration procedures for each mapping type are basically the same. Refer to the use cases for each mapping type for implementation examples.

Follow these steps:

In the Administrative UI, navigate to the User Directory tab.
Select one of the Connect to options in the User Directory List.
Verify that a user directory connection is configured or configure one.
Scroll to the Directory Mapping Attribute section and select Create Mapping.
Complete the General fields:

Name

Specify the common name for this mapping. Common names must conform to the same rules as user attribute names.

Description

Enter a description of the attribute mapping.
Complete the Properties fields:

Mapping type

Select the mapping type that you want to configure.

Definition

Enter the mapping definition using the appropriate syntax. Refer to the previous table.
(Optional) Select Disabled to disable an attribute mapping.
Click Save.

The new attribute mapping is submitted and then added to the list on the Attribute Mapping List table.