Sun Java System Directory Server Enterprise Edition 6.0 Installation Guide

Attributes and Attribute Mapping

Attributes hold descriptive information about a user entry. Every attribute has a label, one or more values, and follows a standard syntax for the type of information that can be stored as the attribute value(s).

You can define attributes from the Console. Instructions for defining attributes are provided in Chapter 6, Configuring Core Resources.

Attribute Types

Identity Synchronization for Windows synchronizes significant and creation user attributes, as follows:

Significant attributes are automatically synchronized as creation attributes but not the other way around. Creation attributes are only synchronized during user creations.

Parameterized Attribute Default Values

Identity Synchronization for Windows allows you to create parameterized default values for creation attributes using other creation or significant attributes.

To create a parameterized default attribute value, you embed an existing creation or significant attribute name — preceded and followed by percent symbols ( %attribute_name%) — in an expression string. For example, homedir=/home/%uid% or cn=%givenName%. %sn%.

When you create these attribute default values:

Mapping Attributes

After you define the attributes, map the attribute names between the Directory Server and Active directory/Windows NT systems to synchronize them to each other. For example, you must map the Sun inetorgperson attribute to the Active Directory user attribute.

You use attribute maps for both significant and creation attributes, and you must configure attribute maps for all “mandatory creation attributes” in each directory type.