Create LDAP attribute
An LDAP attribute defines which attribute of the LDAP directory is associated with which Aeneis schema attribute. LDAP attributes are created under LDAP classes.
Instruction:
- Open the LDAP synchronization in the SystemAdministration and create an LDAP attribute under an LDAP class via the context menu.
- Enter the name and confirm with Enter.
- Configure the LDAP attribute in the properties:
Property | Description |
---|---|
Attribute | Define here the schema attribute into which the value is written. |
Key column | This property determines that the column is used to uniquely identify the external objects. For each LDAP synchronization, define only one column as a key column. |
ACL field (optional) | This property determines that the ACL column contains GUID values, which are then used for the respective created objects. |
Map existing objects using this attribute | This property determines that objects are compared during synchronization based on this attribute. |
LDAP attribute | LDAP attribute to be synchronized (e.g. "cn", "sAMAccountName"). |
Note: For directory objects (users, groups), the Name attribute holds the login name, not the synchronization ID. Marking a column as the key column therefore does not automatically transfer the login name (LDAP attribute sAMAccountName) to the Name attribute. This must be done in a separate assignment via an LDAP attribute.
Important/frequently used LDAP attributes:
LDAP attribute | Description |
---|---|
sAMAccountName | Login name of the user |
 | Email address |
sn | Last name |
givenName | First name |
cn | Full name |