Identifying inbound provisioning group attributes for LDAP - PingFederate - 10.3

PingFederate Server

bundle
pingfederate-103
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 10.3
category
Product
pf-103
pingfederate
ContentType_ce

You must identify the datastore attributes you want to provision when writing group information to the datastore.

You can identify these attributes on the Attributes tab.

Screen capture of the Attributes tab.
Note:

This tab only appears if you are configuring an LDAP user store for provisioning and the User and Group Support option is selected on the Connection Type tab.

PingFederate internally manages several attributes that do not require mapping:
  • objectClass
  • objectGUID
  • member

You can override the internal management of objectClass by selecting and mapping it to a System for Cross-domain Identity Management (SCIM) attribute on the Attribute Fulfillment tab. In this case, the values you supply are used. The objectGUID and member attributes cannot be overridden and are ignored if selected.

  1. Select a root object class and an attribute from the lists, and then click Add Attribute.
  2. Repeat the previous step for each attribute requiring provisioning.