|Applies To||Although the attribute for email is mapped in ldap.conf and also provisioned for the user when the user was added, it cannot be used for a smartrule as it is a system required attribute.|
|Issue||AXM - Cannot use certain attributes for smart rules|
Trying to use email attribute to create a smartrule. Although email can be provisioned thru admingui, when trying to select it as a property to be used in the evaluation of a smart rule, the property does not appear in the pulldown.
This is noted in the Access Manager Administrators guide on page 35 (for 6.X AXM) where it states:
Important: Properties must have unique names. They cannot share names with the required user information fields listed in ?User Attributes? on page 28. For example, in the default iPlanet/Sun ONE configuration, the following attributes are reserved: cn, givenname, sn, mail, userpassword. Also, avoid system-level attributes. If you are using the default user object class, you cannot use the attributes dn, uid, o and dc as properties.
|Resolution||When creating smartrules, utilize properties outside of those which are listed as required for AXM. Refer to page 28 of the AXM administrators guide for which attributes cannot be used in the creation of smartrules based on your configuration. Mail is a required attribute which cannot be used in the creation of smartrules.|
|Legacy Article ID||a43785|