Sun Identity Manager 8.1 Resources Reference

Group Management Attributes

The account attributes in the following table are not displayed in the schema by default. You must add the attribute to the schema map before you can manage groups.

Identity System Attribute  

Resource User Attribute  

LDAP Syntax  

Description  

user defined 

ldapGroups

ldapGroups

A list of distinguished names of groups the LDAP user is a member of. 

The resource attribute Group Member Attr specifies the attribute of the LDAP group entry that will be updated to contain the distinguished name of the user. The default value for the Group Member Attr is uniquemember.

user defined 

posixGroups

N/A 

A list of distinguished names of posixGroups entries the LDAP user is a member of.

For an account to be assigned membership in a Posix group, it must have a value for the uid LDAP attribute. The memberUid attribute of the posixGroup entries will be updated to contain the uid of the user.

Note the following behavior when either posixGroups or ldapGroups is defined in the schema map: