Identity Attributes on an LDAP Server

When identity manager is configured to connect to an LDAP server, it can query the server for the identity attributes listed in Table 1, LDAP Attributes for Role Selection.

Table 1. LDAP Attributes for Role Selection
| Attribute | Active Directory LDAP Attribute | Attributes Allowed in Identity Manager Match Criteria |
|---|---|---|
| City | l | l or location |
| State | st | st or state |
| Country | co | co or country |
| Employee ID | employeeID | employeeID |
| Title | title | title |
| Department | department | department |
| Company | company | company |
| Email Address | mail | mail or email |

An LDAP query contains one or more of the identity attributes listed in Identity (User/Device) Attributes and Source Software Components.

If an LDAP server fails to respond, the next configured LDAP server is contacted. When a server query succeeds, all further LDAP queries are sent to that LDAP server. Because any configured server can end up answering every query, all LDAP servers should be configured to synchronize the user information available in each of them.



Identity manager supports a maximum of eight LDAP servers.
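The following added example (not vendor code) models the behavior described above: Table 1 aliases are mapped to Active Directory attribute names, and queries stay on the first server that answers, within the eight-server limit. The names `LdapPool`, `build_filter`, `escape_value` and `query_fn` are hypothetical; ANDing multiple terms, case-insensitive alias matching and wrapping around the server list are assumptions.

```python
MAX_SERVERS = 8  # limit stated on this page

# Table 1: match-criteria name (lowercased) -> Active Directory LDAP attribute
ALIASES = {
    "l": "l", "location": "l", "st": "st", "state": "st",
    "co": "co", "country": "co", "employeeid": "employeeID",
    "title": "title", "department": "department", "company": "company",
    "mail": "mail", "email": "mail",
}

def escape_value(value):
    """Hex-escape RFC 4515 special characters so a value stays a literal."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def build_filter(criteria):
    """Build a filter from {name: value}; terms are ANDed (an assumption)."""
    if not criteria:
        raise ValueError("a query needs at least one identity attribute")
    terms = []
    for name, value in criteria.items():
        attr = ALIASES.get(name.lower())
        if attr is None:
            raise ValueError("attribute not in Table 1: %r" % name)
        terms.append("(%s=%s)" % (attr, escape_value(value)))
    return terms[0] if len(terms) == 1 else "(&" + "".join(terms) + ")"

class LdapPool:
    """Sticky failover; query_fn(server, filter) is a hypothetical transport
    that raises ConnectionError or TimeoutError when a server does not respond."""

    def __init__(self, servers, query_fn):
        if not 1 <= len(servers) <= MAX_SERVERS:
            raise ValueError("configure between 1 and %d servers" % MAX_SERVERS)
        self.servers, self.query_fn, self.active = list(servers), query_fn, 0

    def query(self, criteria):
        ldap_filter = build_filter(criteria)
        for step in range(len(self.servers)):
            idx = (self.active + step) % len(self.servers)  # wrap-around assumed
            try:
                result = self.query_fn(self.servers[idx], ldap_filter)
            except (ConnectionError, TimeoutError):
                continue  # no response: contact the next configured server
            self.active = idx  # later queries go to the server that answered
            return result
        raise ConnectionError("no configured LDAP server responded")
```

Rejecting names outside Table 1 and escaping values keeps user-supplied match criteria from changing the structure of the filter sent to the directory.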