How to add new Custom attributes in CA Directory Services so that it is displayed in the Advanced Auth Admin console Console for mapping?

book

Article ID: 16472

calendar_today

Updated On:

Products

CA Rapid App Security CA Advanced Authentication

Issue/Introduction

At times customers would like to create new custom attributes that can be read by the CA Advanced Authentication Admin Console and mapped to CA Arcot LDAP attributes.



How to add new Custom attributes in CA Directory Services so that it is displayed in the Advanced Auth Admin console Console for mapping?

Environment

Production

Resolution

1. Adding of LDAP new custom attributes is pretty straight forward as shown below. The new attribute in LDAP or CA Directory server is at the schema level.  This is meant to be a suggestion for using CA Directory sever. The LDAP schema once altered with the new custom attribute will be read by Advanced Authentication Server into “Enterprise LDAP Attributes” screen and then can be mapped as described below. 

1.   Say we want to add a new custom attribute called “MyStatus4”. Where the JXplorer connected to CA Directory server screen below shows that “MyStatus2” and “Mystatus3” exist but no “MyStatus4”. 

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKVMAA4" alt="ldap1.jpg" width="994" height="467"> 

 

 

2. Navigate to the LDAP schema file.  In this case  -  file youngstaff.dxc at location

    -- C:\CA\Directory\dxserver\config\schema\ -- then do the bulleted items

·         Add  “schema set attribute youngAttrPrefix:8” as shown below bumping the prefix value.

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKVNAA4" alt="LDAP2.jpg" width="956" height="656">

·         Add  the object-class  “myStatus4” to  “schema set object-class youngOcPrefix:1”  

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKVOAA4" alt="ldap3.jpg" width="947" height="652">

·         Save the file .dxc file (in this case youngstaff.dxc)

3. Use the “dxserver”  command to  load the new configuration (while the LDAP server is running)

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKVPAA4" alt="ldap4.jpg" width="639" height="55">

 

 

 4. Re-login to LDAP via JXplorer to check the schema. As shown below the “myStatus4” attribute is part of the LDAP schema. 

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKVQAA4" alt="ldap5.jpg" width="789" height="572">

 

 

    5. From the Admin UI login into the LDAP organization, check that the new custom LDAP attribute “myStatus4” is populated in the “Enterprise LDAP Attributes” screen. 

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKVRAA4" alt="ldap6.jpg" width="1193" height="657">

    6. This new custom attribute created can now be mapped to any available “Arcot Database Attributes" using the "Map" button in the screen above.

 

 

 

                                               

 

 

 

5.

 

Additional Information

None.

Attachments

1558716857936000016472_sktwi1f5rjvs16uck.jpeg get_app
1558716855979000016472_sktwi1f5rjvs16ucj.jpeg get_app
1558716854173000016472_sktwi1f5rjvs16uci.jpeg get_app
1558716852233000016472_sktwi1f5rjvs16uch.jpeg get_app
1558716850103000016472_sktwi1f5rjvs16ucg.jpeg get_app
1558716847869000016472_sktwi1f5rjvs16ucf.jpeg get_app