Note: this is an abstract component that cannot be instantiated.
Identity Mappers are responsible for establishing a mapping between an identifier string provided by a client, and the entry for the user that corresponds to that identifier. Identity Mappers are used to process several SASL mechanisms to map an authorization ID (e.g., a Kerberos principal when using GSSAPI) to a directory user. They are also used when processing requests with the proxied authorization control.
The following Identity Mappers are available in the server :
These Identity Mappers inherit from the properties described below.
The following components have a direct aggregation relation to Identity Mappers:
The properties supported by this managed object are as follows:
Basic Properties: | Advanced Properties: |
---|---|
description | None |
enabled |
Description | A description for this Identity Mapper |
Default Value | None |
Allowed Values | A string |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Description | Indicates whether the Identity Mapper is enabled for use. |
Default Value | None |
Allowed Values | true false |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
To list the configured Identity Mappers:
dsconfig list-identity-mappers [--property {propertyName}] ...
To view the configuration for an existing Identity Mapper:
dsconfig get-identity-mapper-prop --mapper-name {name} [--tab-delimited] [--script-friendly] [--property {propertyName}] ...
To update the configuration for an existing Identity Mapper:
dsconfig set-identity-mapper-prop --mapper-name {name} (--set|--add|--remove) {propertyName}:{propertyValue} [(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To delete an existing Identity Mapper:
dsconfig delete-identity-mapper --mapper-name {name}