Sun Java System Identity Synchronization for Windows 6.0 Installation and Configuration Guide

Creating Parameterized Default Attribute Values

Identity Synchronization for Windows allows you to create parameterized default values for attributes using other creation or significant attributes.

To create a parameterized default attribute value, you embed an existing creation or significant attribute name— preceded and followed by percent symbols (% attribute_name %) — in an expression string. For example, homedir=/home/%uid% or cn=%givenName% %sn%.

When you create these attribute values:

Note –

When Group Synchronization is enabled, the following are important:

  1. The creation expression supported at Active Directory is cn=%cn%.

  2. The creation expression must contain valid attribute names belonging to the group objectclass also since the creation expression is common to both user as well as the group.

    For example: The attribute sn is not part of the groupofuniquenames objectclass at the Directory Server. Hence the following creation expression would be invalid for a group object. (Though it would work fine for user.)


  3. The attribute used in the creation expression must be provided with a value for every user/group entry created. The value maybe provided using the command line interface, if the console does not have the provision.