How To

How do I change the search attribute used to search for users in AM 5.x and OpenAM 13.x console?

Last updated Apr 12, 2021

The purpose of this article is to provide information on changing the search attribute used when searching for users in AM/OpenAM. The default search attribute is cn and is used when searching for users on the Subjects tab.

1 reader recommends this article


This article has been archived and is no longer maintained by ForgeRock.

Changing the search attribute

You may need to change the search attribute being used to provide more meaningful searches, for example, you could change the search attribute to uid to search on user IDs. You can only have one search attribute as the Subjects tab is only designed to perform simple user searches; more sophisticated searches should be performed using an LDAP browser or a dedicated tool for managing users such as IDM/OpenIDM or DS/OpenDJ.

You can change the search attribute via the following ssoadm command (it cannot be changed in the console):

$ ./ssoadm set-attr-defs -s iPlanetAMAdminConsoleService -t organization -u [adminID] -f [passwordfile] -a iplanet-am-admin-console-user-search-key=[searchattribute]

replacing [adminID], [passwordfile] and [searchattribute] with appropriate values.


You must restart the web application container in which AM/OpenAM runs to apply these configuration changes. 

See Also

FAQ: Users in AM

Administrator and user accounts in AM

Related Training


Related Issue Tracker IDs


Copyright and Trademarks Copyright © 2021 ForgeRock, all rights reserved.