This appendix describes the directory classes, attributes, and access rights that Logon Manager adds to your directory during schema extension.
vGOUserData objects are containers that store application credentials. (Credentials are stored as objects of type vGOSecret.)
Attributes:
Attribute Name | Syntax | Flag |
vGOSecretData | Case Ignore String | Singled Valued, Synchronize |
vGORoleDN | Not Used | |
Other optional attributes | ou, dn, cn, o |
Access rights: Users can read and write the above attributes under their own user objects. The administrator has full rights but will not be able to read the encrypted children (vGOSecret) of this object.
vGOSecret objects store all user secrets, including an object that stores each user's application credentials and deleted objects. This is added to the vGOUserData object as an auxiliary class.Attributes:
Attribute Name | Syntax | Flag |
vGOSecretData | Case Ignore String | Singled Valued, Synchronize |
vGOSharedSecretDN | Not Used | |
Other optional attributes | ou, dn, cn, o |
Access rights: As inherited from the vGOUserData object, plus: all users can read this object; only the owner can write to this object; and only the owner or an administrator can delete this object.
vGOConfig objects are containers that store Logon Manager configuration objects such as application templates, password generation policies, and administrative overrides.
Attributes:
Attribute Name | Syntax | Flag |
vGOConfigType | Case Ignore String | Singled Valued, Synchronize |
vGOConfigData | Case Ignore String | Singled Valued, Synchronize |
vGORoleDN | Not Used | |
Other optional attributes | ou, dn, cn, o |
Access rights: All users have read-only rights to the attributes within this object. The administrator has full rights.
vGOLocatorClass is a pointer object class. Objects of this class point the Logon Manager Agent to the location in which user credentials should be stored.
Attributes:
Attribute Name | Syntax | Flag |
vGOLocatorAttribute | Case Ignore String | Single Valued |
Other optional attributes | dn, cn, o |
Access rights: All users have read, compare, and search rights to these attributes for all objects of this class; the administrator has all rights.