Symantec Access Management

 View Only
  • 1.  Schema Custom x Password

    Posted Jul 21, 2015 11:27 AM

    Dear, good afternoon.



    We carry out the creation of a new class (Schema (.dxc)) custom instead of using the native "inetop.dxc" as directed by "CA".



    However there is a question realicionada a password that is not clear.



    As we are using a new class, we also create a password attribute to this class.



    Everything works great except when we try to authenticate the user on the website of "Identity Manager", because instead of being read the password attribute of our custom class, is read the "userPassword" attribute, which is a native attribute and declared in other classes.



    If you try to declare this attribute in our new class, the error is displayed:



    [108] 20150721.095603.932 ERROR: Syntax Error: Line 118 in E: \ CA \ Directory \ dxserver \ config \ schema \ usercorp.dxc near '}'

    Non-unique attribute name



    there is a way to declare this attribute to our new class?



    there is a way to change the portal login that instead of using the password contained in "userPassword", which is used the password attribute of our new class?



    What is the best alternative in this situation?

  • 2.  Re: Schema Custom x Password
    Best Answer

    Posted Jul 21, 2015 03:01 PM

    Dear friends, I managed to advance in this case.



    CA, reported that the "CA Directory" does not allow authentication with no other attributes than the "userPassword".



    Based on this information we draw a strategy.



    1) export the "XML" containing the settings of "Corportate Directoy".



    2) erase all the class definitions for each user object attribute.



    3) so that the contemplase user object in its structure the attribute "userPassword", had to declare to the user object in the corporate directory to "inetOrgPerson" class.



    4) Thereafter, erase the custom password field we create for our new class "usercorp.dxc"



    5) insert new lines to replace those that have been deleted, they are configured for the attribute "userPassword" and containing the variable (name known) "% PASSWORD%".



    In this way we now only use the attribute "userPassword" and so far had no problems in acting this way.



    I hope to have collaborated