000020577 - How to map user properties to IBM Directory Server attributes

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000020577
Applies ToRSA ClearTrust 5.0.1 Authorization Server (AServer)
IBM Directory Server 5.1
IssueHow to map user properties to IBM Directory Server attributes
ERROR: null object class
Invalid Syntax
CauseNull Object Class error can be caused if the attribute is not assigned to the InetOrgPerson object class
Invalid Syntax error can occur if the attributes syntax is not compatible with that of the cleartrust user property
ResolutionTo map ClearTrust properties with IBM Directory Server (IDS) attributes, you must first make sure that the attribute has been added to the IDS with syntax compatible with the ClearTrust data type; then, map the attribute to the InetOrgPerson object class.

Minimum requirements when adding an IDS attribute:

1. Attribute name

2. OID (which is attributename-oid)

3. Syntax (which is compatible to the ClearTrust data type)

The following have been verified to work with RSA ClearTrust:

RSA ClearTrust          IDS Syntax

Boolean                   String
Date                        Generalized Time
Float                       String
Integer                     Integer
String                      String
Legacy Article IDa17490

Attachments

    Outcomes