Identity Manager supports the following LDAP objects by default. Any string-, integer-, or Boolean-based attributes can also be managed.
Resource Object |
Features Supported |
Attributes Managed |
---|---|---|
Group |
Create, update, delete, rename, saveas |
cn, description, owner, uniqueMember |
Posix Group |
Create, update, delete, rename, saveas |
cn, description, gid, memberUid |
Domain |
Find |
dc |
Organizational Unit |
Create, delete, rename, saveas, find |
ou |
Organization |
Create, delete, rename, saveas, find |
o |
The LDAP resource adapter provides management of posixGroup entries. By default, the list of accounts that are available to be assigned to a posixGroup have the posixAccount object class. The LDAP Create Posix Group Form and LDAP Update Posix Group From can be customized to list accounts other than posixAccounts. However, these accounts must have a uid attribute defined to be a member of a posixGroup.