A LDAPSearch element has the following XML attributes:

  • baseDN: a required element specifying the LDAP search base distinguished name (DN) to be used when querying for the System for Cross-domain Identity Management (SCIM) resource.
  • filter: a required element specifying an LDAP filter that matches entries representing the SCIM resource. This filter is typically an equality filter on the LDAP object class.
  • resourceIDMapping: an optional element specifying a mapping from the SCIM resource ID to an LDAP attribute. When the element is omitted, the resource ID maps to the LDAP entry DN.
Note:

The LDAPSearch element can be added as a top-level element outside of any <Resource> elements, and then referenced within them with an ID attribute.