User Attributes in Classic Zones
A user extension object is a serviceConnectionPoint object that is created in
the Users sub-container of the zone. The pseudoattributes for this object are
stored in the keywords attribute.
| User attribute | Stored in Active Directory attribute |
|---|---|
UnixName
|
cn:userlogin For SCP objects, the Name attribute is a logical pointer that is the same as the CN attribute. You can use either attribute to store the user's UNIX login name. For example: cn:cain |
UserVersion
|
displayName:UserVersion This attribute determines compatibility between a user profile object and the Access Manager console. The only valid value for this attribute is \$CimsUserVersion2. For example: displayName:\$CimsUserVersion2 |
ParentLink
|
managedBy:DN_ActiveDirectoryUser You can use the managedBy or keywords attribute to store the parentLink. If the zone is a 2.x and 3.x compatible zone, you should set this attribute to the DN of the parent Active Directory user object. For example: managedBy:cn=ben.lau,cn=users,dc=ice,dc=net If the zone does not need to be compatible with older versions of Server Suite software, you can use the keywords attribute and parentLink pseudo-attribute to specify the security identifier (SID) of the parent Active Directory user object. For example: keywords:parentLink:S-n-n-nn-nnn.. |
Uid
|
keywords:uid:value For example: keywords:uid:458 |
Gid
|
keywords:gid:value For example: keywords:gid:458 |
Home
|
keywords:home:value For example: keywords:home:/home/shea |
Shell
|
keywords:shell:value For example: keywords:shell:/bin/bash |
UnixEnabled
|
keywords:unix_enabled:value For example: keywords:unix_enabled:False |
ForeignForest
|
keywords:foreign:value This attribute indicates whether a user in a zone is from an external forest. For example: keywords:foreign:False |
AppEnabled
|
This attribute is no longer used. |
