CFILE LDAP attribute mapping is needed to reconcile child data through CFILE reconciliation.
This appendix contains the following topics:
Note:
Only a user's profiles and facilities child data is reconciled through CFILE reconciliation. No other child values are reconciled.
Table D-1 lists CFILE record#, record type , LDAP attribute and the corresponding descriptions.
Table D-1 CFILE LDAP Attribute Mapping for Top Secret
| CFILE RECORD # | RECORD TYPE | LDAP ATTRIBUTE | DESCRIPTION |
|---|---|---|---|
|
NA |
ACCESSORID |
uid |
ACID Unique ID |
|
0100 |
NAME |
cn |
Full Name |
|
0200 |
TYPE |
type |
ACID Type (USER, PROFILE, and so on) |
|
0300 |
DEPT ACID |
deptAcid |
Department ID |
|
0300 |
DEPT NAME |
department |
Department Descriptive Name |
|
0400 |
DIV ACID |
divAcid |
Division ID |
|
0400 |
DIV NAME |
division |
Division Descriptive Name |
|
0450 |
ZONE ACID |
zoneAcid |
Zone ID |
|
0450 |
ZONE NAME |
zone |
Zone Description Name |
|
0500 |
CREATED |
createDate |
Create Date |
|
0500 |
LAST MOD |
lastModificationDate |
Modify Date |
|
0501 |
EXPIRES |
expires |
Expire Date |
|
0502 |
SUSPENDED |
suspendedUntilDate |
Suspend Date |
|
0600 |
PROFILES |
profiles, memberOf |
Profile Acids, Profile Acids Dn |
|
0650 |
GROUPS |
groupIds, groupOf |
Group Acids, Group Acids Dn |
|
0700 |
ATTRIBUTES |
attributes |
Security Attributes |
|
0800 |
BY PASSING |
bypassing |
Security ByPassing Attributes |
|
0900 |
LAST USED |
lastUsed |
Last Used Date |
|
1000 |
MASTER FAC |
xresource |
NA |
|
1100 |
LOCK TIME |
lockTime |
NA |
|
1200 |
LANGAUGE |
language |
Language |
|
2002 |
XA DATASET |
xresources |
SEE BELOW (#A) |
|
2005 |
XA xxxx (RESOURCE) |
xresources |
SEE BELOW (#B) |
|
2014 |
PRIVPGM |
xresources |
SEE BELOW |
|
2021 |
ACCESS |
xresources |
NA |
|
2016 |
ACTION |
xresources |
NA |
|
2100 |
FACILITY |
facilities, facilityOf |
Facility Acid, Facility Acid Dn |
|
2200 |
SOURCES |
sources |
Source ACID |
|
2300 |
OPIDENT |
cicsOpident |
CICS Operator Identification Value |
|
2300 |
OPPRTY |
cicsOpprty |
CICS Operator Priority |
|
2301 |
SITRAN |
cicsSitran, cicsSitranFacility |
CICS Transaction Following Facility Sign-In, CICS Facility Associated With Transaction |
|
2400 |
OPCLASS |
cicsOpclass |
CICS Operator Classes |
|
2500 |
SCTYKEY |
cicsSctykey |
CICS Security Keys |
|
2600 |
INSTDATA |
Instdata |
255 Byte Text Field |
|
2700 |
USER |
NA |
NA |
|
2800 |
ACID |
uniqueIds uniqueMember |
Acids Profile Mem, Acids Dn |
|
2901 |
FACILITIES |
facilitiesp |
Admin Facilities |
|
2902 |
ACID |
acid |
Admin Acid |
|
2903 |
LIST DATA |
listData |
Admin List Data |
|
2904 |
MISC1 |
misc1 |
Admin Authority |
|
2905 |
MISC9 |
misc9 |
Admin Authority |
|
2906 |
RESOURCES |
res |
Admin Authority |
|
2907 |
NA |
NA |
NA |
|
2908 |
MISC2 |
misc2 |
Admin Authority |
|
2909 |
SCOPE |
scope |
Admin Authority |
|
2910 |
MISC8 |
misc8 |
Admin Authority |
|
2911 |
ACCESS |
access |
Admin Authority |
|
2912 |
MISC3 |
misc3 |
Admin Authority |
|
2913 |
MISC4 |
misc4 |
Admin Authority |
|
2914 |
MISC5 |
misc5 |
Admin Authority |
|
2921 |
ACCESS |
xresources |
See Below |
|
3000 |
PASSWORD |
passwordExpireDate passwordExpireInterval |
Password Info |
|
3500 |
TSOLPROC |
tsolproc |
TSO Logon Proc |
|
3501 |
TSOLACCT |
tsolacct |
TSO Logon Account |
|
3502 |
TSOJCLASS |
tsojclass |
TSO Job Class |
|
3503 |
TSOMCLASS |
tsomclass |
TSO Message Class |
|
3504 |
TSOLSIZE |
tsolsize |
TSO Region Size |
|
3505 |
TSOUDATA |
tsoudata |
TSO User Data |
|
3506 |
TSODEFPRFG |
tsodefprfg |
TSO Performance Group |
|
3507 |
TSOOPT |
tsoopt |
TSO Options |
|
3508 |
TSOCOMMAND |
tsocommand |
TSO Logon Command |
|
3509 |
TSODEST |
tsodest |
TSO Output Destination |
|
3510 |
TSOHCLASS |
tsohclass |
TSO Hold Class |
|
3511 |
TSOMSIZE |
tsomsize |
TSO Max Region Size |
|
3512 |
TSOSCLASS |
tsosclass |
TSO Sysout Class |
|
3513 |
TSOUNIT |
tsounit |
TSO Unit |
|
3700 |
FACILITY |
facilities |
Facility, All |
|
4011 and 4012 |
USER-DEFINED |
User Defined |
User Defined Field Attribute will Match Field Name |
|
4011 |
#APPL |
lu62#appl |
LU 6.2 #Appl |
|
4011 |
#ENTITY |
lu62#entity |
LU 6.2 #Entity |
|
4011 |
BC1CHAIN |
lu62bc1chain |
LU 6.2 Bc1chain |
|
4011 |
BC2CHAIN |
lu62bc2chain |
LU 6.2 Bc2chain |
|
4011 |
SET1DISP |
lu62set1disp |
LU 6.2 Set1disp |
|
4011 |
SET2DISP |
lu62set2disp |
LU 6.2 Set2disp |
|
4011 |
NETVCONS |
netviewConsname |
Netview Console Identifier |
|
4011 |
NETVCTL |
netviewControl |
Netview Security Check Type |
|
4011 |
NETVDMNS |
netviewDomains |
Netview Cross-Domain Sessions |
|
4011 |
NETVIC |
netviewInitCms |
Netview Initial Command |
|
4011 |
NETVMSGR |
netviewMsgrecvr |
Netview Receive Unsolicited Messages |
|
4011 |
NETVNGMF |
netviewNgmfadmn |
Netview Authority To Graphic Monitor Facility |
|
4011 |
NETVOPCL |
netviewOpclass |
Netview Scope Classes |
|
4401 |
UID |
omvsUid |
Omvs User ID |
|
4402 |
GID |
omvsGid |
Omvs Group ID |
|
4403 |
HOME |
omvsHome |
Omvs Home Subdirectory |
|
4404 |
OMVSPRGM |
omvsProgram |
Omvs Program |
|
4405 |
DFLTGRP |
defaultGroup |
Omvs Default Group |
|
4406 |
ASSIZE |
omvsAssize |
Omvs Max Address Space Size |
|
4407 |
MMAPAREA |
omvsMmapArea |
Omvs Max Data Space Pages |
|
4408 |
OECPUTM |
olecputm |
Omvs Max Cpu Time |
|
4409 |
OEFILEP |
omvsOefilep |
Omvs Max Files Per Process |
|
4410 |
PROCUSER |
omvsprocuser, procuser |
Omvs Max Processes |
|
4411 |
THREADS |
omvsThreads |
Omvs Max Pthreads Created |
LDAP ATTRIBUTE -> XRESOURCES
User is expected to read the xresources attribute and parse the data as needed for their application use.
:: Separates Field Name::Field Value
| Separates Different Fields
EXAMPLE DATA FOR DIFFERENT TYPES ->
acid-res::ACID|acid-auth::AMPIO#T|
rclass::$MOBIUS|rowner::DSAPP1|rres::DS.|alevel::READ|authfac::MOBIUST|authfac::MOBIUSP|
xauthclsn::DATASET|xauthdsno::DATASEX|xauthdsn::TXXXA.DUMMY4|alevel::READ|authfac::CICSPROD|authfacs::CICSTEST|