How to add new Custom attributes in CA Directory Services so that it is displayed in the Advanced Auth Admin console Console for mapping?

Article Id: 16472
Status: Published
Updated On: 21-02-2020 16:00
Products:
CA Rapid App Security , CA Advanced Authentication
Issue/Introduction:

At times customers would like to create new custom attributes that can be read by the CA Advanced Authentication Admin Console and mapped to CA Arcot LDAP attributes.



How to add new Custom attributes in CA Directory Services so that it is displayed in the Advanced Auth Admin console Console for mapping?

Environment:

Production

Resolution:

1. Adding of LDAP new custom attributes is pretty straight forward as shown below. The new attribute in LDAP or CA Directory server is at the schema level.  This is meant to be a suggestion for using CA Directory sever. The LDAP schema once altered with the new custom attribute will be read by Advanced Authentication Server into “Enterprise LDAP Attributes” screen and then can be mapped as described below. 

1.   Say we want to add a new custom attribute called “MyStatus4”. Where the JXplorer connected to CA Directory server screen below shows that “MyStatus2” and “Mystatus3” exist but no “MyStatus4”. 

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKVMAA4" alt="ldap1.jpg" width="994" height="467"> 

 

 

2. Navigate to the LDAP schema file.  In this case  -  file youngstaff.dxc at location

    -- C:\CA\Directory\dxserver\config\schema\ -- then do the bulleted items

·         Add  “schema set attribute youngAttrPrefix:8” as shown below bumping the prefix value.

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKVNAA4" alt="LDAP2.jpg" width="956" height="656">

·         Add  the object-class  “myStatus4” to  “schema set object-class youngOcPrefix:1”  

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKVOAA4" alt="ldap3.jpg" width="947" height="652">

·         Save the file .dxc file (in this case youngstaff.dxc)

3. Use the “dxserver”  command to  load the new configuration (while the LDAP server is running)

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKVPAA4" alt="ldap4.jpg" width="639" height="55">

 

 

 4. Re-login to LDAP via JXplorer to check the schema. As shown below the “myStatus4” attribute is part of the LDAP schema. 

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKVQAA4" alt="ldap5.jpg" width="789" height="572">

 

 

    5. From the Admin UI login into the LDAP organization, check that the new custom LDAP attribute “myStatus4” is populated in the “Enterprise LDAP Attributes” screen. 

<Please see attached file for image>

src="/servlet/servlet.FileDownload?file=0150c000004AKVRAA4" alt="ldap6.jpg" width="1193" height="657">

    6. This new custom attribute created can now be mapped to any available “Arcot Database Attributes" using the "Map" button in the screen above.

 

 

 

                                               

 

 

 

5.

 

Additional Information:

None.

insert_drive_file 1558716857936000016472_sktwi1f5rjvs16uck.jpeg
arrow_downward Download
insert_drive_file 1558716855979000016472_sktwi1f5rjvs16ucj.jpeg
arrow_downward Download
insert_drive_file 1558716854173000016472_sktwi1f5rjvs16uci.jpeg
arrow_downward Download
insert_drive_file 1558716852233000016472_sktwi1f5rjvs16uch.jpeg
arrow_downward Download
insert_drive_file 1558716850103000016472_sktwi1f5rjvs16ucg.jpeg
arrow_downward Download
insert_drive_file 1558716847869000016472_sktwi1f5rjvs16ucf.jpeg
arrow_downward Download