Configuring global sensitive attributes
The PingDirectory server supports the ability to define sensitive attributes as a global configuration option so that they’re automatically used across all client connection policies.
About this task
Administrators can assign one or more sensitive attribute definitions to a client connection policy.
When working in an environment with multiple client connection policies, it can be easy to add a sensitive attribute definition to one policy but overlook it in another. |
Steps
-
To add a global sensitive attribute across all client connection policies, run the
dsconfig
tool.Example:
The following command adds the
employeeSSN
as a global sensitive attribute, which is applied across all client connection policies.$ bin/dsconfig set-global-configuration-prop --add "sensitive-attribute:employeeSSN"