Exact Match Identity Mapper
The Exact Match Identity Mapper maps an identifier string to user entries by searching for the entry containing a specified attribute whose value is the provided identifier. For example, the username provided by the client for DIGEST-MD5 authentication must match the value of the uid attribute
Parent
The Exact Match Identity Mapper object inherits from Identity Mapper.
Exact Match Identity Mapper Properties
You can use configuration expressions to set property values at startup time. For details, see Property Value Substitution.
| Basic Properties | Advanced Properties |
|---|---|
enabled
Synopsis |
Indicates whether the Identity Mapper is enabled for use. |
Default Value |
None |
Allowed Values |
true false |
Multi-valued |
No |
Required |
Yes |
Admin Action Required |
None |
Advanced |
No |
Read-Only |
No |
match-attribute
Synopsis |
Specifies the attribute whose value should exactly match the ID string provided to this identity mapper. |
Description |
At least one value must be provided. All values must refer to the name or OID of an attribute type defined in the directory server schema. If multiple attributes or OIDs are provided, at least one of those attributes must contain the provided ID string value in exactly one entry. The internal search performed includes a logical OR across all of these values. |
Default Value |
uid |
Allowed Values |
The name of an attribute type defined in the LDAP schema. |
Multi-valued |
Yes |
Required |
Yes |
Admin Action Required |
None |
Advanced |
No |
Read-Only |
No |
match-base-dn
Synopsis |
Specifies the set of base DNs below which to search for users. |
Description |
The base DNs will be used when performing searches to map the provided ID string to a user entry. If multiple values are given, searches are performed below all specified base DNs. |
Default Value |
The server searches below all public naming contexts local to the server. |
Allowed Values |
A valid DN. |
Multi-valued |
Yes |
Required |
No |
Admin Action Required |
None |
Advanced |
No |
Read-Only |
No |
Advanced Properties
Use the --advanced
option to access advanced properties.
java-class
Synopsis |
Specifies the fully-qualified name of the Java class that provides the Exact Match Identity Mapper implementation. |
Default Value |
org.opends.server.extensions.ExactMatchIdentityMapper |
Allowed Values |
A Java class that extends or implements:
|
Multi-valued |
No |
Required |
Yes |
Admin Action Required |
The object must be disabled and re-enabled for changes to take effect. |
Advanced |
Yes |
Read-Only |
No |