Select a sub-attribute in the Attribute column and
Applicable only to complex attributes or complex multivalued attributes, see Specifying custom SCIM attributes.
Select the class containing a user-store attribute in the
Root Object Class column that you want to map to the
provisioning attribute shown in the Field Name
For some fields, you might not need to map specific user attributes. If so, supply a value in the Default Value field, skip this step, and go to step 5. For certain attributes, you can specify both LDAP attributes and a default value, as needed.
- Select the source attribute from the class in the LDAP Attribute column. Click Add Attribute.
In the Options section, select one
or more processing options.
Processing option Description Create OnlyThe field is provisioned only once and not subsequently updated.Note:
For System for Cross-domain identity Mangement (SCIM), the
Passwordattribute should be passed only when creating a user or updating the password. Select Create Only to limit when the
Passwordattribute is passed.
Trim Removes any white space from the attribute values. Mask Log Values Determines whether sensitive information, such as the
Passwordattribute, will be masked in PingFederate log files.
Upper Case, Lower Case, or None Transforms the attribute values to the case indicated unless the None option is selected, the default. Parsing > Extract CN from DN For attributes in the form of a distinguished name (DN), such as Group DNs in Active Directory, maps only the common name portion of the DN. Parsing > Extract Username from Email For attributes containing an email address, maps only the username.
- In the Default Value field, enter a default value.
Click Add Mapping.
For complex attributes or complex multivalued attributes, repeat these steps to map additional sub-attributes as needed.
- Click Done.
Page created: 16 Jul 2021 |
Page updated: 19 Jan 2022