|
|
|
Some SiteMinder features require read or read/write access to directory attributes. This information must be stored in a user directory to which SiteMinder has access. As you configure user directory connections, you must provide the names of certain user profile attributes in the directories. You can specify attributes in the User Attributes tab of the User Directory Dialog.
The attributes you specify must have specific data types. Password Attribute and Password Data require binary attributes, and all others require string attributes.
The attributes in the preceding figure are sample attributes. The attributes that you select for these fields may differ based on your directory type, schema, or preferences.
The attribute(s) you specify must:
The following attributes may be configured for LDAP directories:
Active Directory attribute SiteMinder uses as the Universal ID—for example, uid.
Active Directory attribute that SiteMinder uses to track disabled users—for example, carLicense.
The Disabled Flag attribute must have the type string.
Active Directory attribute that SiteMinder uses to authenticate a user’s password—for example, userPassword.
The attribute name you enter in this field must correspond to the location in the LDAP directory that contains user passwords. The attribute you choose must be of the type binary.
Active Directory attribute that SiteMinder uses for Password Services data, such as old passwords—for example, displayName.
The attribute you choose must be of the type binary.
Active Directory attribute that contains the user’s anonymous ID—for example, audio.
This attribute is not currently used by a SiteMinder feature.
Active Directory attribute containing a response that SiteMinder can send back to a user—for example, jpegphoto.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |