Message Image

Skip main navigation (Press Enter).

Layer7 API Management

Back to discussions

Expand all | Collapse all

LDAP identity provider built-in attributes

Jump to Best Answer

Christof NyffeneggerJun 30, 2017 06:07 AM

Hello, For one of our customers we need to extract the department attribute from our active directory ...

Stephen HughesAug 02, 2017 07:30 PMBest Answer

We tested what you had outlined and found that it would not accept the built in one but it would work ...

1. LDAP identity provider built-in attributes

0 Recommend
Christof Nyffenegger
Posted Jun 30, 2017 06:07 AM

Reply Reply Privately
Hello,

For one of our customers we need to extract the department attribute from our active directory using the Authenticate Against Identity Provider/Extract Attributes for Authenticated User assertions.
As I understand, the "Department" attribute is a built-in predefined attribute. Unfortunately, the corresponding context variable authenticatedUser.department is empty, although we have a "department" attribute filled in in our AD directory. All other context variables in the example below are filled with the correct values. Can someone clarify which LDAP attribute is referenced by the built-in "Department" attribute? CA API gateway verrsion is 9.1 build 6342. Thanks in advance.
2. Re: LDAP identity provider built-in attributes
Best Answer

1 Recommend
Broadcom Employee

Stephen Hughes
Posted Aug 02, 2017 07:30 PM

Reply Reply Privately
We tested what you had outlined and found that it would not accept the built in one but it would work if you set it up as a custom attribute.

Sincerely,

Stephen Hughes
Director, CA Support

Copyright 2023. All rights reserved.

Powered by Higher Logic