Attribute definition

Before you define unique attributes for the adapter, ensure that the attribute does not exist in the common schema.dsml file.

The following example defines an attribute:

<!-- *********************************************** -->
<!-- erSampleHome                                    -->
<!-- *********************************************** -->
	<attribute-type single-value = "true" >
		<name>erSampleHome</name>
		<description>User home directory</description>
		<object-identifier>1.3.6.1.4.1.6054.3.125.2.100</object-identifier>
		<syntax>1.3.6.1.4.1.1466.115.121.1.15</syntax>
	</attribute-type>

Comment lines are denoted by the <!— ... —> markers.

The attribute type is defined as single-value or multivalue. A single-value attribute is denoted by the line: <attribute-type single-value ="true">. To denote a multivalued attribute, change the true value to false.

The name of the attribute that is used by the IBM® Security Identity server is defined in the schema. To simplify the tracking of new Active Directory Adapter attributes, use erAD as the preface for all new attributes, so that they can be easily identified in your Windows Active Directory. When attributes have already been defined in the Windows Active Directory, and they do not conflict with existing attributes, they can be used without changing their names.

The description of the attribute is denoted by the <description>...</description> tags.

The OID is defined using the <object-identifier>...</object-identifier> tags. Because OIDs are already assigned to the existing, standard attributes, the OID can be copied from the last attribute in the list. Increment the last number by a value of one for each new attribute that you add to the schema.dsml file.

The data type is defined using the <syntax>...</syntax> tags. The following table lists various data types and the value that you specify in the syntax tags.