Sun Java System Identity Synchronization for Windows 6.0 Deployment Planning Guide

ProcedureTo Configure the Creation Attributes

  1. Click Creation Attributes under the Object Creation tab.

  2. Provide a mapping or default value for sn, a mandatory attribute for the inetOrgPerson object class.

    Active Directory has a corresponding attribute sn. However, Windows NT does not have an equivalent attribute, so the special ** NO VALUE ** value is provided. Because Example Bank’s requirements do not include creating users in Windows NT, this value does not appear in any of the user entries. This value is only provided to conform to the Console’s validations.

    Configure the shadowmin, shadowmax, and shadowwarning attributes, which are used for PAM LDAP.

    • A shadowmin value of 7 implies that a user must wait seven days from the time the password has changed before changing it again.

    • A shadowmax value of 30 implies that the user must change the password at least every 30 days.

    • A shadowwarning value of 4 implies that the user is warned that the password must be changed four days before the password expires.

    Directory Server attributes that are grayed-out are mandatory creation attributes. The inetOrgPerson object class has cn and sn as mandatory attributes, and the shadowAccount object class has uid as a mandatory attribute.

    Creation Attributes Dialog Options