Use this page to define a relationship between any LDAP attribute and any supported eDirectoryTM attribute. When an LDAP client requests LDAP attribute information from the LDAP server, the server returns the corresponding eDirectory attribute information.
The default LDAP Services for eDirectory configuration contains a predefined set of class and attribute mappings. These mappings map a subset of LDAP attributes to a subset of eDirectory attributes. Because of differences in the LDAP and eDirectory schemas, many supported LDAP and eDirectory classes and attributes are not mapped in the default configuration.
The Attribute Mappings are organized with the eDirectory attributes in the left column, and the corresponding LDAP primary attributes in the right column. You can sort either column, ascending or descending, by clicking the title bar. You can view and modify an attribute's mappings from the Modify button. From the Modify dialog box, if a LDAP attribute is no longer current, you can check the optional Obsolete box. The attribute will still be usable with the Obsolete box checked, however, the attribute will be flagged that it may disappear in a future version. There is also an optional Description field provided for informational purposes.
The LDAP snapin only shows the eDirectory name and the most common LDAP name or "primary name." Since it is possible that more than one LDAP attribute can map to a single NDS® attribute, you can add additional LDAP attribute names by clicking on the Modify button. In the Modify dialog box, the Primary LDAP Attribute field contains the most popular LDAP attribute name. In the Secondary LDAP Attributes field, you can enter any other LDAP attribute names that map to this NDS attribute.
To make it easier to manage the attribute mappings, a search box is provided near the bottom of the window. A search will query all of the primary and secondary LDAP attribute names stored in the mappings. In the query field, only exact text entries can be matched. Wild card or boolean operators are not supported. Search queries are case insensitive. Valid LDAP attribute names must begin with the characters a-z or A-Z, and can contain the following characters: a-z A-Z ; - 0-9 (a-z, A-Z, semicolon, dash, and 0-9).
A trademark symbol (®, TM, etc.) denotes a Novell trademark. An asterisk (*) denotes a third-party trademark. For information on trademarks, see Legal Notices.