Note: this is an abstract component that cannot be instantiated.
Identity Mappers are responsible for establishing a mapping between an identifier string provided by a client, and the entry for the user that corresponds to that identifier. Identity Mappers are used to process several SASL mechanisms to map an authorization ID (e.g., a Kerberos principal when using GSSAPI) to a directory user. They are also used when processing requests with the proxied authorization control.
The following Identity Mappers are available in the server :
These Identity Mappers inherit from the properties described below.
The following components have a direct aggregation relation to Identity Mappers:
The properties supported by this managed object are as follows:
| Basic Properties: | Advanced Properties: |
|---|---|
| description | None |
| enabled |
| Description | A description for this Identity Mapper |
| Default Value | None |
| Allowed Values | A string |
| Multi-Valued | No |
| Required | No |
| Admin Action Required | None. Modification requires no further action |
| Description | Indicates whether the Identity Mapper is enabled for use. |
| Default Value | None |
| Allowed Values | true false |
| Multi-Valued | No |
| Required | Yes |
| Admin Action Required | None. Modification requires no further action |
To list the configured Identity Mappers:
dsconfig list-identity-mappers
[--property {propertyName}] ...
To view the configuration for an existing Identity Mapper:
dsconfig get-identity-mapper-prop
--mapper-name {name}
[--tab-delimited]
[--script-friendly]
[--property {propertyName}] ...
To update the configuration for an existing Identity Mapper:
dsconfig set-identity-mapper-prop
--mapper-name {name}
(--set|--add|--remove) {propertyName}:{propertyValue}
[(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To delete an existing Identity Mapper:
dsconfig delete-identity-mapper
--mapper-name {name}