Description:
When you integrate SiteMinder with Active Directory as user store you may be interested in the attributes managed by the Policy Server with non-enhanced and AD enhanced mode.
Solution:
The PS reads the following LDAP parameters in both non-enhanced and AD enhanced mode
The PS reads the following additional LDAP parameters in AD enhanced mode Only:
The PS writes the following parameters in both non-enhanced and AD enhanced mode:
The PS writes the following parameters in AD enhanced mode only:
Note: A login failure will trigger AD to modify the following user attributes.
These attributes are not currently used by SM:
logonCount
badPasswordTime