A Sun JavaTM System Access Manager deployment that stores users in an LDAP directory other than Sun Java System Directory Server must add the following object classes and attributes to the directory schema:
For example, if you have configured a generic LDAPv3 repository plug-in or a Microsoft® Active Directory plug-in for a realm, you must create and add the user schema to the datastore. You must perform this operation manually, because pre-populated LDIF files are not currently available to use.
Supported by: Access Manager
Definition: Contains session service related attributes.
Superior Class: top
Object Class Type: auxiliary
Required Attributes: none
Allowed Attributes:
Supported by: Access Manager
Definition: Contains the Access Manager attributes necessary to manage user accounts.
Superior Class: top
Object Class Type: auxiliary
Required Attributes: none
Allowed Attributes:
Supported by: Access Manager
Definition: Contains Access Manager attributes used to manage users.
Superior Class: top
Object Class Type: auxiliary
Required Attributes: none
Allowed Attributes:
Supported by: Access Manager
Definition: Contains Access Manager attributes used to manage invalid login attempts and user lock out.
Superior Class: top
Object Class Type: auxiliary
Required Attributes: none
Allowed Attributes:
Supported by: Sun One Directory Server
Definition: Auxiliary class that has to be present in an entry for delivery of subscriber services.
Superior Class: top
Object Class Type: auxiliary
Required Attributes: none
Allowed Attributes:
Supported by: Access Manager
Definition: Contains SAML service related attributes.
Superior Class: top
Object Class Type: auxiliary
Required Attributes: none
Allowed Attributes:
Supported by: Access Manager
Definition: Contains Discovery Service related attributes.
Superior Class: top
Object Class Type: auxiliary
Required Attributes: none
Allowed Attributes:
Supported by: Access Manager
Definition: Contains session service related personal profile (PP) attributes.
Superior Class: top
Object Class Type: auxiliary
Required Attributes: none
Allowed Attributes:
Syntax: string
Description: Specifies the maximum session service Time
Syntax: string
Description: Specifies the maximum session idle time.
Syntax: string
Description: Specifies the maximum session caching time.
Syntax: string
Description: Specifies the session quota constraints.
Syntax: string
Description: Specifies the maximum session service status.
Syntax: string
Description: Specifies the get valid sessions.
Syntax: string
Description: Specifies destroy session.
Syntax: string
Description: Specifies add session listener on all sessions.
Supported by: Access Manager
Syntax: dn, single-valued
Description: Specifies the starting point node (DN) displayed in the starting view of the Access Manager Console when this administrator logs in.
Syntax: string
Description: Specifies the user alias names list.
Syntax: string
Description: Specifies the user authentication configuration.
Syntax: string
Description: Specifies the user Mobile Station Integrated Services Digital Network (MSISDN) number.
Syntax: string
Description: Specifies the redirection URL for a failed user authentication.
Syntax: string
Description: Specifies the redirection URL for a successful user authentication.
Syntax: string, single-valued
Description: Specifies the user login status:
Active - User is allowed to authenticate through the Access Manager.
Inactive - User is not allowed to authenticate through the Access Manager.
Syntax: string
Description: Specifies the Password Reset Force Reset password.
Supported by: Access Manager
Syntax: string, single-valued
Description: Specifies options used by the Access Manager password reset module.
Supported by: Access Manager
Syntax: string, single-valued
Description: Specifies the password question and answer used to prompt a user who has forgotten the password. The format is question answer.
Supported by: Access Manager
Syntax: dn, single-valued
Description: Specifies the status of the user for various services.
Syntax: string
Description: Specifies the user Federation information key.
Syntax: string
Description: Specifies user Federation information.
Supported by: Access Manager
Syntax: dn, multi-valued
Description: Specifies the role-dn of the administrator who has access rights to modify this user entry. By default, the value is set to the role-dn of the administrator who created the account.
Supported by: Access Manager
Syntax: string, multi-valued
Description: Specifies the description of the ACI that belongs to this role.
Supported by: Access Manager
Syntax: dn, multi-valued
Description: Defines the DNs for the static groups that this user belongs to.
Syntax: date string, single-valued
Description: Specifies the account expiration date in the following format:
yyyy/mm/dd hh:mm:ss
Syntax: string
Description: Specifies XML data for invalid login attempts.
Syntax: string
Possible values: "active", "inactive", or "deleted"
Description: Specifies the status of a user.
Syntax: string
Description: Specifies the SAML user ID.
Syntax: string
Description: Specifies the SAML user password.
Syntax: string
Description: Specifies the dynamic disco entries.
Syntax: string
Description: Specifies the Liberty PP common name.
Syntax: string
Description: Specifies the Liberty PP alternate common name.
Syntax: string
Description: Specifies the Liberty PP common name first name.
Syntax: string
Description: Specifies the Liberty PP common name surname.
Syntax: string
Description: Specifies the Liberty PP common name first name personal title.
Syntax: string
Description: Specifies the Liberty PP common name middle name.
Syntax: string
Description: Specifies the Liberty PP informal name.
Syntax: string
Description: Specifies the Liberty PP legal name.
Syntax: string
Description: Specifies the Liberty PP date of birth.
Syntax: string
Description: Specifies the Liberty PP marital status.
Syntax: string
Description: Specifies the Liberty PP gender.
Syntax: string
Description: Specifies the Liberty PP alternate identity type.
Syntax: string
Description: Specifies the Liberty PP alternate identity value.
Syntax: string
Description: Specifies the Liberty PP legal identity VATID type.
Syntax: string
Description: Specifies the Liberty PP legal identity VATID value.
Syntax: string
Description: Specifies the Liberty PP job title.
Syntax: string
Description: Specifies the Liberty PP employment organization.
Syntax: string
Description: Specifies the Liberty PP alternate employment organization.
Syntax: string
Description: Specifies the Liberty PP address card.
Syntax: string
Description: Specifies the Liberty PP message contact.
Syntax: string
Description: Specifies the Liberty PP façade mug shot.
Syntax: string
Description: Specifies the Liberty PP façade website.
Syntax: string
Description: Specifies the Liberty PP façade name pronounced.
Syntax: string
Description: Specifies the Liberty PP façade greet sound.
Syntax: string
Description: Specifies the Liberty PP façade greet me sound.
Syntax: string
Description: Specifies the Liberty PP demographics display language.
Syntax: string
Description: Specifies the Liberty PP demographics language.
Syntax: string
Description: Specifies the Liberty PP demographics birthday.
Syntax: string
Description: Specifies the Liberty PP demographics age.
Syntax: string
Description: Specifies the Liberty PP demographics time zone.
Syntax: string
Description: Specifies the Liberty PP signing key.
Syntax: string
Description: Specifies the Liberty PP encryption key.
Syntax: string
Description: Specifies the Liberty PP emergency contact.