Extend the schema and add the extended attributes
Extend the Windows Active Directory schema and add the custom attributes to the Active Directory Server by using the tools provided by Windows.
Note: The adapter does not support every attribute of the Active Directory user object. If you want
to extend the adapter to support an attribute that is not currently supported by the adapter, but is
already an Active Directory user attribute, you do not need to extend the Active Directory
schema.
For more information about adding new attributes to the Active Directory, refer to the Microsoft Windows Server documentation.
The Active Directory Adapter supports attributes with
these syntaxes:
- DN
- CaseExactString
- CaseIgnoreString
- PrintableString
- IA5String
- Integer8
- NumericString
- Boolean Integer
- UTCTime
- GeneralizedTime
- DirectoryString
- DnWithBinary
- OctetString
Consider prefixing the attribute names with erAD in order to easily identify the attributes that are used with IBM Security Verify Governance Identity Manager.
Note:
- If IBM® Security Directory Server is being used as the directory server application, the name of the attribute must be unique within the first 16 characters.
- The Active Directory Adapter supports a multiline value for extended attributes with string syntax.
- The extended attributes are supported only for the User account class.