Update the targetprofile.json file

The Active Directory targetprofile.json file identifies all of the supported Windows account attributes for the IBM® Security Identity Governance and Intelligence server.

About this task

Modify the file to identify the new extended attributes.

Procedure

  1. Change to the \ADprofile directory, where the targetProfile.json file has been created.
  2. Open the targetProfile.json file in a text editor.
  3. Find the section for userExtension.
    For example:
    "userExtension": {
      "schema": "urn:ibm:idbrokerage:params:scim:schemas:extension:ADAccount:2.0:User",
      "definition": {
        "id": "urn:ibm:idbrokerage:params:scim:schemas:extension:ADAccount:2.0:User",
        "name": "CustomUserExtension",
        "description": "Security adapter view of a user",
        "attributes": [

    The attributes section contains an array of attribute definitions. Each definition is separated by a comma.

  4. Add your extended attributes to this attributes section. An attribute object contains the following fields:
    Field            Description
    name             Attribute name.
    type             Data type (string, integer, boolean, binary).
    multiValued      true, if the attribute can have multiple values.
    required         true, if the attribute is required.
    caseExact        true, if the value is case-sensitive.
    mutability       immutable, read, write, readwrite
    returned         Use "default".
    uniqueness       Use "server".
    specialFlags     Use "none".
    canonicalValues  Optional list of valid values for this attribute as a JSON array.

    The attribute object is enclosed in braces ({}). Each field has the name in quotes followed by a colon and the value. Each field is separated by a comma.

    See the following example from the Active Directory adapter:
    {
      "name": "eruid",
      "type": "string",
      "multiValued": false,
      "description": "An identifier used to uniquely identify a user",
      "required": true,
      "caseExact": false,
      "mutability": "immutable",
      "returned": "default",
      "uniqueness": "server",
      "specialFlags": "none"
    },
  5. Add the new attributes to the account class.
    For example:
    "userExtension": {
      "schema": "urn:ibm:idbrokerage:params:scim:schemas:extension:ADAccount:2.0:User",
      "definition": {
        "id": "urn:ibm:idbrokerage:params:scim:schemas:extension:ADAccount:2.0:User",
        "name": "CustomUserExtension",
        "description": "Security adapter view of a user",
        "attributes": [
          {
            "name": "eruid",
            "type": "string",
            "multiValued": false,
            "description": "An identifier used to uniquely identify a user",
            "required": true,
            "caseExact": false,
            "mutability": "immutable",
            "returned": "default",
            "uniqueness": "server",
            "specialFlags": "none"
          },
          …
          {
            "name": "title",
            "type": "string",
            "multiValued": false,
            "description": "title",
            "required": false,
            "caseExact": false,
            "mutability": "readWrite",
            "returned": "default",
            "uniqueness": "none",
            "specialFlags": "none"
          },
          {
            "name": "shirtSize",
            "type": "string",
            "multiValued": true,
            "description": "Shirt Size",
            "required": false,
            "caseExact": false,
            "mutability": "readWrite",
            "returned": "default",
            "uniqueness": "none",
            "specialFlags": "none",
            "canonicalValues": [
              "small",
              "medium",
              "large"
            ]
          }
        ]
    Note: Ensure that you separate each attribute definition with a comma. After you update the file, it is suggested that you verify that the syntax is correct by using one of the freely available JSON lint sites.
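
The syntax check from the note can also be run locally, together with the field rules from the table in step 4. The following Python sketch is an added example, not part of the IBM documentation or the adapter; the names check_profile and find_key are hypothetical, and it assumes that the userExtension object may sit at any depth of the file and that mutability is matched case-insensitively, because the page shows both readwrite and readWrite.

```python
import json
# Field rules from the table in step 4; canonicalValues is optional.
REQUIRED = ("name", "type", "multiValued", "required", "caseExact",
            "mutability", "returned", "uniqueness", "specialFlags")
TYPES = ("string", "integer", "boolean", "binary")
MUTABILITY = ("immutable", "read", "write", "readwrite")  # assumption: case-insensitive
BOOLEANS = ("multiValued", "required", "caseExact")

def find_key(node, key):
    """Return the first value under key at any depth (assumption: nesting is unknown)."""
    if isinstance(node, dict) and key in node:
        return node[key]
    children = node.values() if isinstance(node, dict) else node if isinstance(node, list) else []
    return next((v for v in (find_key(c, key) for c in children) if v is not None), None)

def check_profile(text):
    """Return a list of problems found in targetProfile.json content."""
    try:
        profile = json.loads(text)
    except json.JSONDecodeError as err:  # for example a missing comma or quote
        return [f"syntax error at line {err.lineno}, column {err.colno}: {err.msg}"]
    attrs = find_key(find_key(profile, "userExtension"), "attributes")
    if not isinstance(attrs, list):
        return ["userExtension attributes array not found"]
    problems, seen = [], set()
    for i, attr in enumerate(attrs):
        if not isinstance(attr, dict):
            problems.append(f"#{i}: attribute definition is not an object")
            continue
        label = str(attr.get("name", f"#{i}"))
        problems += [f"{label}: missing field {f}" for f in REQUIRED if f not in attr]
        if "type" in attr and attr["type"] not in TYPES:
            problems.append(f"{label}: unknown type {attr['type']!r}")
        if "mutability" in attr and str(attr["mutability"]).lower() not in MUTABILITY:
            problems.append(f"{label}: unknown mutability {attr['mutability']!r}")
        problems += [f"{label}: {f} must be true or false"
                     for f in BOOLEANS if f in attr and not isinstance(attr[f], bool)]
        if not isinstance(attr.get("canonicalValues", []), list):
            problems.append(f"{label}: canonicalValues must be an array")
        if label in seen:
            problems.append(f"{label}: duplicate attribute name")
        seen.add(label)
    return problems

# Constructed sample: wrong type, a quoted boolean, and six missing fields.
SAMPLE = ('{"userExtension": {"definition": {"attributes": [{"name": "shirtSize", "type": "text",'
          ' "multiValued": "true", "canonicalValues": ["small", "medium", "large"]}]}}}')
if __name__ == "__main__":
    print("\n".join(check_profile(SAMPLE)) or "no problems found")
```

To check a real file, pass its contents to check_profile; an empty list means the syntax and the field rules both passed.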