The following scenarios are supported:
Single LDAP attribute with a single value
For example: uid=jsmith.Multiple LDAP attributes, each with a single value
To specify multiple attributes, separate them with a semicolon when you enter them in the Login properties field (while adding the repository to IBM WebSphere® Application Server). For example, where uid=jsmith and firstname.lastname@example.org, you would enter: uid; mail.Single LDAP attribute with multiple values
For example, mail is the login attribute and it accepts two different email addresses: an intranet address and an extranet address. For example: mail=jsmith@myCompany.com or email@example.com. Multiple LDAP attributes, each with multiple values
For example: uid=jsmith or uid=john_smith and firstname.lastname@example.org or email@example.com or mail=jsmith@MyCompany.com.Multiple LDAP directories
For example: One LDAP directory uses uid as the login attribute and the other uses mail. You must repeat the steps in Setting up federated repositories for each LDAP directory.
You can map multiple values to common attributes such as uid or mail.
If, for example, you mapped the following attributes for a user called Sample User, all three values for the user are populated in the PROFILE_LOGIN table in the Profiles database:
A similar example for the uid property would have the following attributes:
By default, the population wizard only allows you to choose one attribute for logins, so you can't select mail and uid. You can, however, write a custom function to union multiple attributes.
The Profiles population wizard populates uid and mail during the population process but maps the loginID attribute to null. You can specify a custom attribute if your directory uses a unique login attribute other than, for example, uid or mail. The login value can be based on any attribute that you have defined in your repository. You can specify that attribute by setting loginID=attribute when you populate the Profiles database.
The following sample extract from the profiles-config.xml
file shows the standard login attributes:
The value for the loginID attribute is stored in the Prof_Login column of the Employee table in the Profiles database. For more information, see the Mapping fields manually
Using Profiles or LDAP as the repository
The default login attributes that are defined in the profiles-config.xml
file are uid, email, or loginID
If you change the default IBM
Connections configuration to use the LDAP directory as the user repository, WebSphere
Application Server maps uid as the login default.
Parent topic: Setting up federated repositories
Setting up federated repositories
Mapping fields manually