Customizing the Active Directory Adapter

Active Directory can support custom attributes for the user class. The Active Directory Adapter only supports standard Windows attributes by default. However, you can customize the adapter to support custom (extended) attributes.

Before you begin

Before customizing an adapter, you must have working knowledge of these concepts:

  • LDAP schema management
  • LDAP object classes and attributes
  • Scripting language that is appropriate for the installation system
  • XML document structure
Note: The Active Directory Adapter supports customization only with the use of pre-Exec and post-Exec scripting. IBM does not support the your individual customization, scripts, or other modifications. If you experience a customization problem, IBM Support can require problem demonstration on the released version of the adapter before opening a problem report. For more information, see the IBM Security Verify Identity Support website.

About this task

Complete the steps to customize the Active Directory Adapter to support the extended attributes in the Active Directory.

Procedure

  1. Extend the Active Directory Adapter schema and add the custom attributes to the Active Directory Server.
    For more information on extending the schema, see Extend the schema and add the extended attributes.

    For information on the files that you can modify to customize the Active Directory Adapter, see Files.

  2. Copy the JAR file to a temporary directory and extract the files. For more information on extracting the files, see Copy the ADprofile.jar file and extract the files.
  3. Add the extended attributes to the exschema.txt or exschemagrp.txt file. For more information on extending the attributes, see Modify the schema file.
  4. Update the schema.dsml file on the IBM Security Identity server. For more information on updating this file, see Update the schema file.
  5. Update the customlabels.properties file on the IBM Security Identity server. For more information on updating this file, see Modify the CustomLabels.properties file.
  6. Install the new attributes on the IBM Security Identity server. For more information on updating this file, see Create a JAR file and install the new attributes.
  7. Modify the form for the account. For more information on updating the form, see Optionally modify the adapter form.