Ping Identity Directory Server - Correlated LDAP Data View

Directory Server Documentation Index
Configuration Reference Home

Correlated LDAP Data View

Note: this component stores cluster-wide configuration data and is mirrored across all servers in the topology within the the same cluster.

Note: changes to cluster-wide configuration objects are immediately and automatically mirrored across all servers within the same cluster, so offline changes are not supported.

Correlated LDAP Data Views persist a subset of LDAP attributes for a SCIM 2.0 Resource Type.

↓Relations from This Component
↓Relations to This Component
↓Properties
↓dsconfig Usage

Relations from This Component

The following components have a direct composition relation from Correlated LDAP Data Views:

LDAP Correlation Attribute Pair

Relations to This Component

The following components have a direct composition relation to Correlated LDAP Data Views:

SCIM Resource Type

Properties

The properties supported by this managed object are as follows:

Basic Properties:	Advanced Properties:
↓ structural-ldap-objectclass	↓ include-operational-attribute
↓ auxiliary-ldap-objectclass
↓ include-base-dn
↓ include-filter
↓ create-dn-pattern
↓ primary-correlation-attribute
↓ secondary-correlation-attribute

Basic Properties

structural-ldap-objectclass

Description	Specifies the LDAP structural object class that should be exposed by this Correlated LDAP Data View.
Default Value	None
Allowed Values	The name or OID of the objectclass to expose.
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

auxiliary-ldap-objectclass

Description	Specifies an auxiliary LDAP object class that should be exposed by this Correlated LDAP Data View.
Default Value	None
Allowed Values	The name or OID of the auxiliary objectclass to expose.
Multi-Valued	Yes
Required	No
Admin Action Required	The Directory Server must be restarted for changes to this setting to take effect. Changes to this property will not take effect until the server is restarted.

include-base-dn

Description	Specifies the base DN of the branch of the LDAP directory that can be accessed by this Correlated LDAP Data View. Along with the include-filter property, this property determines whether an entry is included in this Correlated LDAP Data View.
Default Value	None
Allowed Values	A valid DN.
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

include-filter

Description	The set of LDAP filters that define the LDAP entries that should be included in this Correlated LDAP Data View. Along with the include-base-dn property, this property determines whether an entry is included in this Correlated LDAP Data View. If the include-base-dn property does not exclude an entry, then it will be included if it matches any of the filters specified here. If no filters are specified, then only the include-base-dn property is used to determine if an entry is included by this Correlated LDAP Data View.
Default Value	All entries are included by this Correlated LDAP Data View.
Allowed Values	A valid LDAP search filter
Multi-Valued	Yes
Required	No
Admin Action Required	None. Modification requires no further action

create-dn-pattern

Description	Specifies the template to use for the DN when creating new entries. If no value is specified, this Correlated LDAP Data View will not support create operations. The template may reference any LDAP attribute that is present in the mapped entry by using bracket notation. For example, the pattern "uid={uid},dc=example,dc=com" will substitute the entry's 'uid' value as the RDN. Substitutions are allowed for any DN components, not just the RDN. The Ping Identity Directory Server 'name with entryUUID' request control can be used to name entries by specifying the entryUUID attribute in the RDN in the DN pattern. For example, the DN pattern could be "entryUUID=server-generated,dc=example,dc=com". The RDN value - 'server-generated' in this example - is a placeholder value that is ignored. The actual value is generated by the Ping Identity Directory Server.
Default Value	None
Allowed Values	The pattern to use to construct the DN value.
Multi-Valued	No
Required	No
Admin Action Required	None. Modification requires no further action

primary-correlation-attribute

Description	The LDAP attribute from the parent SCIM Resource Type whose value will be used to match objects in the Correlated LDAP Data View. If multiple correlation attributes are required they may be created using additional correlation-attribute-pairs.
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

secondary-correlation-attribute

Description	The LDAP attribute from the Correlated LDAP Data View whose value will be matched with the primary-correlation-attribute. If multiple correlation attributes are required they may be specified by creating additional correlation-attribute-pairs. On a create request, if this attribute does not already have a value from the request, then the attribute is automatically created with a value equal to that of the primary correlation attribute.
Default Value	None
Allowed Values	A string
Multi-Valued	No
Required	Yes
Admin Action Required	None. Modification requires no further action

Advanced Properties

include-operational-attribute (Advanced Property)

Description	Specifies the set of operational LDAP attributes to be provided by this Correlated LDAP Data View. By default, operational attributes are not provided by the Correlated LDAP Data View. However, there may be cases where you wish to create an attribute mapping that depends on an operational attribute from the LDAP server. Specifying it here will cause it to appear in the schema exposed by the Correlated LDAP Data View and allow the attribute to be mapped to a SCIM Resource Type attribute.
Default Value	None
Allowed Values	An LDAP attribute name or OID
Multi-Valued	Yes
Required	No
Admin Action Required	None. Modification requires no further action

dsconfig Usage

To list the configured Correlated LDAP Data Views:

dsconfig list-correlated-ldap-data-views
     [--property {propertyName}] ...

To view the configuration for an existing Correlated LDAP Data View:

dsconfig get-correlated-ldap-data-view-prop
     --view-name {name}
     --type-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Correlated LDAP Data View:

dsconfig set-correlated-ldap-data-view-prop
     --view-name {name}
     --type-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new Correlated LDAP Data View:

dsconfig create-correlated-ldap-data-view
     --view-name {name}
     --type-name {name}
     --set structural-ldap-objectclass:{propertyValue}
     --set include-base-dn:{propertyValue}
     --set primary-correlation-attribute:{propertyValue}
     --set secondary-correlation-attribute:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing Correlated LDAP Data View:

dsconfig delete-correlated-ldap-data-view
     --view-name {name}
     --type-name {name}