Get Live Help
When creating a user in the ACF2 database, the following LDAP attributes must be defined:
vrtEntryCanonicalName is a virtual property, set to the canonical name of the object in the connector.
On the ACF2 system, acf2lid is the user ID.
vrtEntryDN is a virtual property, set to the DN of the object in the connector. Once this mapping rule has been created, edit the mapping rule by clicking on it. Then check the box marked Force mapping against direction of synchronization.
The objectClass attribute (multi-valued) on the ACF2 system. Activate the check box Ignore case sensitivity.
vrtStructuralObjectClass on the ACF2 system defines the single object class for the object type.
Create a fixed value property variable on the ACF2 side called vrtIdentDomain that is set to the value $IdentDomain$. Map this to UID_LDPDomain. This will cause a conflict and the Property Mapping Rule Conflict Wizard opens automatically.
To solve the conflict
Create a fixed value property variable on the One Identity Manager side called vrtParentDN equal to a fixed string with value $UserLocation$. Map this to vrtEntryParentDN on the ACF2 side.
Create a new variable on the One Identity Manager side of type "Format Defined Property" with name vrtRDN. Set its value to acf2lid=%CN%. Then map this to vrtEntryRDN on the ACF2 side.
Used to change a user’s ACF2 password. A condition needs to be set on this rule to map the password only when there is a value to be copied.
To add a condition
vrtEntryDN is a virtual property, set to the DN of the object in the connector. This forms a unique ID to distinguish individual user objects on the ACF2 system.
To convert this mapping into an object matching rule
A message appears.
The following figure shows the above user mapping in operation.