Configuring Lightweight Directory Access Protocol attributes in a federated repository configuration

Follow this task to add, modify, or delete the configuration of supported, unsupported, and external LDAP attributes in a federated repositories configuration.

Procedure

  1. In the administrative console, click Security > Global security.
  2. Under User account repository, select Federated repositories from the Available realm definitions field and click Configure. To configure for a specific domain in a multiple security domain environment, click Security domains > domain_name. Under Security Attributes, expand User Realm, and click Customize for this domain. Select the Realm type as Federated repositories and then click Configure.
  3. Under Related items, click Manage repositories, and then in the panel that appears, click the repository_id of the LDAP repository.
  4. Under Additional properties, click the LDAP attributes link.
  5. To add a new LDAP attribute configuration, click Add and select one of the following options:
    • Select Supported to add a supported LDAP attribute configuration. On the panel that appears, enter the following details:
      Name
      Specifies the name of the LDAP attribute used in the repository LDAP adapter.
      Property name
      Specifies the name of the corresponding federated repository property.
      Syntax
      Specifies the syntax of the LDAP attribute. The default value is string. For example, the syntax of the unicodePwd LDAP attribute is octetString.
      Entity types
      Specifies the entity type that applies the attribute mapping.
      Default value
      Specifies the default value of the LDAP attribute.
      Default attribute
      Use this parameter to specify the default attribute of the LDAP attribute.
    • Select Unsupported to add a configuration for a federated repository property that the LDAP repository does not support. On the panel that appears, enter the following details:
      Property name
      Specifies the name of the federated repository property.
      Entity types
      Specifies one or more entity types. Use the semicolon (;) as the delimiter to specify multiple entity types.
    • Select External to add a configuration for an LDAP attribute that is used as an external ID in the specified LDAP repository. On the panel that appears, enter the following details:
      Name
      Specifies the name of the external ID attribute of the LDAP repository.
      Syntax
      Specifies the syntax of the LDAP attribute. The default value is string. For example, the syntax of the unicodePwd LDAP attribute is octetString.
      Entity types
      Specifies one or more entity types. Use the semicolon (;) as the delimiter to specify multiple entity types.
      Generate value
      Specifies whether or not the federated repository should generate the value of the LDAP attribute.
  6. To modify an existing configuration, click the Name/Property Name link and modify the details in the panel that appears.
  7. To delete an existing configuration, select the checkbox for the Name/Property Name and click Delete.
  8. Click OK and Save to the master configuration.
  9. Restart the application server.

Results

After completing these steps, LDAP attributes are configured in the federated repositories configuration.