To look up the 
You must configure the name of the LDAP Server policy in the [ldap_server] section.
If you configure both the append_domain parameter in the [username_transform] section and the [usermapping source=ldap_server] section of the SPS 
| Type: | string | 
| Required: | no | 
| Default: | N/A | 
Description: The user_attribute must be an LDAP/AD user attribute (with a non-empty UTF8 attribute string) that contains the external identity. For example, description, cn, mail. For a complete list see the User class section of the Active Directory Schema document.
This section contains username transformation-related settings.
If you have configured [USERMAPPING], the [username_transform] process will run after the [USERMAPPING] process.
| Type: | string (nonrequired, no default) | 
| Required: | no | 
| Default: | N/A | 
Description:
If the 
If you configure both the append_domain parameter in the [username_transform] section and the [usermapping source=ldap_server] section of the SPS 
The LDAP Server policy that you want to use in an LDAP server usermapping source or an LDAP server group whitelist source. Required if you have configured [usermapping source=ldap_server] and [whitelist source=ldap_server_group].
| Type: | string | 
| Required: | conditional | 
| Default: | N/A | 
Description: The name of a configured LDAP Server policy in SPS. For details on configuring LDAP policies, see "Authenticating users to an LDAP server" in the Administration Guide.
This section contains settings related to storing sensitive information of the plugin.
| Type: | string | 
| Required: | no | 
| Default: | N/A | 
Description: The name of a local Credential Store policy configured on SPS. You can use this Credential Store to store sensitive information of the plugin in a secure way (for example, the api_key value in the [yubikey] section).
For details, see Store sensitive plugin data securely.
© 2025 One Identity LLC. ALL RIGHTS RESERVED. Terms of Use Privacy Cookie Preference Center