The syntax (or type) of an attribute usually determines whether the attribute is supported. In general, Identity Manager supports Boolean, string, integer, and binary syntaxes. A binary attribute is an attribute that can be safely expressed only as a byte array.
The following table lists the supported LDAP syntaxes. Other LDAP syntaxes might be supported, as long as it is Boolean, string, or integer in nature. Octet strings are NOT supported.
LDAP Syntax |
Attribute Type |
Object ID |
---|---|---|
Audio |
Binary |
1.3.6.1.4.1.1466.115.121.1.4 |
Binary |
Binary |
1.3.6.1.4.1.1466.115.121.1.5 |
Boolean |
Boolean |
1.3.6.1.4.1.1466.115.121.1.7 |
Country String |
String |
1.3.6.1.4.1.1466.115.121.1.11 |
DN |
String |
1.3.6.1.4.1.1466.115.121.1.12 |
Directory String |
String |
1.3.6.1.4.1.1466.115.121.1.15 |
Generalized Time |
String |
1.3.6.1.4.1.1466.115.121.1.24 |
IA5 String |
String |
1.3.6.1.4.1.1466.115.121.1.26 |
Integer |
Int |
1.3.6.1.4.1.1466.115.121.1.27 |
Postal Address |
String |
1.3.6.1.4.1.1466.115.121.1.41 |
Printable String |
String |
1.3.6.1.4.1.1466.115.121.1.44 |
Telephone Number |
String |
1.3.6.1.4.1.1466.115.121.1.50 |
The following attributes are displayed on the Account Attributes page for the RACF LDAP resource adapters.
Resource User Attribute |
Data Type |
Description |
---|---|---|
racfPassword |
Encrypted |
The user’s password on the resource |
RACF.GROUPS |
String |
The groups assigned to the user |
RACF.GROUP-CONN-OWNERS |
String |
Group connection owners |
RACF.USERID |
String |
Required. The user’s name |
RACF.MASTER CATALOG |
String |
Master catalog |
RACF.USER CATALOG |
String |
User catalog |
RACF.CATALOG ALIAS |
String |
Catalog alias |
racfOwner |
String |
The owner of the profile |
racfProgrammerName |
String |
The user’s name |
racfInstallationData |
String |
Installation-defined data |
racfDefaultGroup |
String |
The user’s default group |
RACF.EXPIRED |
Boolean |
Indicates whether to expire the password |
RACF.PASSWORD INTERVAL |
String |
Password interval |
TSO.Delete Segment |
Boolean |
If this field is set to true, the TSO Segment will be deleted from the RACF user. |
SAFAccountNumber |
String |
The user’s default TSO account number at logon |
SAFDefaultCommand |
String |
The default command at logon |
SAFHoldClass |
String |
The user’s default TSO hold class |
SAFJobClass |
String |
The user’s default TSO job class |
SAFMessageClass |
String |
The user’s default TSO message class |
SAFDefaultLoginProc |
String |
The name of the user’s default TSO logon procedure |
SAFLogonSize |
Int |
The minimum TSO region size if the user does not request a region size during logon |
SAFMaximumRegionSize |
Int |
The maximum TSO region size the user can request during logon |
SAFDefaultSysoutClass |
String |
The user’s default TSO SYSOUT class |
SAFDefaultUnit |
String |
The default name of a TSO device or group of devices that a procedure uses for allocations |
SAFUserdata |
String |
Installation-defined data |
SAFDefaultCommand |
String |
The TSO default command. |
racfOmvsUid |
String |
The user’s OMVS user identifier |
racfOmvsHome |
String |
The user’s OMVS home directory path name |
racfOmvsInitialProgram |
String |
The user’s initial OMVS shell program |
racfOmvsMaximumCPUTime |
Int |
User’s OMVS RLIMIT_CPU (maximum CPU time) |
racfOmvsMaximumAddressSpaceSize |
Int |
User’s OMVS RLIMIT_AS (maximum address space size) |
racfOmvsMaximumFilesPerProcess |
Int |
User’s OMVS maximum number of files per process |
racfOmvsMaximumProcessesPerUID |
Int |
User’s OMVS maximum number of processes per UID |
racfOmvsMaximumThreadsPerProcess |
Int |
User’s OMVS maximum number of threads per process |
racfOmvsMaximumMemoryMapArea |
Int |
User’s OMVS maximum memory map size |
racfTerminalTimeout |
String |
The amount of time that the user can be idle before being signed off by CICS |
racfOperatorPriority |
String |
The user’s CICS operator priority |
racfOperatorIdentification |
String |
The user’s CICS operator identifier |
racfOperatorClass |
String |
The CICS operator classes for which the user will receive BMS (basic mapping support) messages |
racfOperatorReSignon |
String |
A setting that indicates whether the user will be signed off by CICS when an XRF takeover occurs |
racfNetviewOperatorClass |
String |
Class of the operator |
NETVIEW.NGMFVSPN |
String |
Defines the operator’s authority to display NetView Graphic Monitor Facility views and resources within views. |
racfNGMFADMKeyword |
String |
Indicates whether this operator can use the NetView graphic monitor facility (NO or YES) |
racfMessageReceiverKeyword |
String |
Indicates whether the operator will receive unsolicited messages (NO or YES) |
racfNetviewInitialCommand |
String |
Initial command or list of commands to be executed by NetView when this NetView operator logs on |
racfDomains |
String |
Domain identifier |
racfCTLKeyword |
String |
Specifies GLOBAL, GENERAL, or SPECIFIC control |
racfDefaultConsoleName |
String |
MCS console identifier |
By default, the RACF LDAP resource adapter uses the following object classes when creating new user objects in the LDAP tree. Other object classes may be added.
racfuser
racfUserOmvsSegment
racfCicsSegment
SAFTsoSegment
racfNetviewSegment