For this procedure, in Management Agent Designer, on the Configure Attributes page, you select the attributes that you want to synchronize, add additional attributes (for certain text file types), and edit or delete existing attributes. Management Agent Designer automatically identifies certain attribute properties such as multi-valued, base64-encoding, attribute types string, Boolean, number, distinguished name (also known as DN), and binary. You can change many of these properties to a more desired configuration for synchronization. To complete this procedure, you must be logged on as a member of the FIMSyncAdmins security group.
|
To configure attributes |
-
In Management Agent Designer, on the Configure Attributes page, under Attributes, verify that all of the attributes that are contained in the template input file appear in the list.
-
To configure an anchor attribute, click Set anchor.
-
In the Set Anchor dialog box, do the following:
- If the template input file contains a
distinguished name (also known as DN) that you want to use as an
anchor attribute, select the Use distinguished name as anchor
attribute check box.
- If you want to use another attribute, in
Available attributes, click the attribute that you want to
use as an anchor, click Add, and then click OK.
- If the template input file contains a
distinguished name (also known as DN) that you want to use as an
anchor attribute, select the Use distinguished name as anchor
attribute check box.
If you want to manually configure attribute properties, do any of the following:
|
|
Edit attribute properties |
-
In Attributes, click the attribute that you want to edit, and then click Edit.
-
Do any of the following:
- Change the attribute name in the Name
text box. This option is not available if the attribute name was
defined in the sample input file.
- Change the attribute type in the Type
list box.
- If the attribute is multi-valued, select
Attribute is multi-valued.
- To specify the minimum number of characters
allowed in the attribute, type a numerical value in Minimum
character length.
- To specify the maximum number of characters
allowed in the attribute, type a numeric value in Maximum
character length.
- Change the attribute name in the Name
text box. This option is not available if the attribute name was
defined in the sample input file.
|
|
Configure advanced properties |
-
In Attributes, click the attribute that you want to edit, and then click Advanced.
-
Do any of the following:
- If the template file contains a hierarchical
distinguished name attribute, select Input file contains a LDAP
distinguished name, and then, in Distinguished name
attribute, click the attribute to be used as the anchor
attribute.
- For fixed-width, delimited, and
attribute-value pair text file types, in Define object
class, you can change the value that defines the object type in
Fixed object type value.
- For fixed-width, delimited, and
attribute-value pair text file types, in Define object
class, you can change the value that defines the object class
in Object class attribute.
- For fixed-width, delimited, and
attribute-value pair text file types, in Define change type
attribute, if your template file contains a change type
attribute, that attribute will be automatically selected to specify
the change operation upon entry of the attribute in the connector
space. You can select a specific attribute by clicking an attribute
in Change type attribute, and then, if the value for change
operations are different from the default, type the appropriate
operation for Modify, Add, and Delete.
- If your management agent will perform direct
export attribute flow of string attributes, it may be necessary to
normalize certain characters prior to reimport. To convert
lowercase characters to uppercase characters, select Convert
lowercase characters to uppercase. To replace accented
characters with non-accented variant characters, select Replace
accented characters with non-accented variants. If you select
either or both of these options for an existing management agent,
you must perform a full synchronization for the subsequent run.
- If the template file contains a hierarchical
distinguished name attribute, select Input file contains a LDAP
distinguished name, and then, in Distinguished name
attribute, click the attribute to be used as the anchor
attribute.
|
Caution |
|
Verify each attribute has the correct type and multi-valued setting. Failure to do so can lead to loss or corruption of data. |
|
Note |
|
For management agents for LDIF and DSML, the custom data input file must contain an attribute called objectClass when you run a full import. If your custom data input file does not contain an attribute called objectClass, an error is generated during the import run and the import fails. |
|
|
Note |
|
An attribute can have a combination of multiple or binary (including base64) values. |
|
|
Note |
|
Anchor attributes must be single-value attributes. The order of values in a multiple-value attribute is not guaranteed. An anchor attribute can only be of string or binary attributes. |
|
|
Note |
|
For text file formats where the distinguished name (also known as DN) is configured as an anchor attribute, do not allow object renaming during a delta run of the management agent. If object renaming might occur during a full or delta import, select an anchor attribute other than the distinguished name. |
|
|
Note |
|
For attribute-value pair text file formats, Management Agent Designer automatically identifies multiple-value data. |
|
|
Note |
|
New attributes can be added only for attribute-value pair, DSML, and LDIF text file formats. You can delete only attributes that you add manually. |
|
|
Note |
|
For delimited and fixed-width text file formats, multiple-value attributes must contain header rows. If you do not include header rows and you select the check box in the Multiple Value column, you can produce duplicate attribute names. If you do not select the Use first row as header names for input file check box on the Delimited File Format page, Management Agent Designer assigns a name in the following format: attr000, attr001, attr002, and so on. To change these assigned names, double-click the name and type a new name in the Edit Attribute dialog box. It is recommended that you use attribute names that indicate an attribute's contents so that it is easier to map attributes in later steps. If a header row is not present, you cannot specify multiple-valued attributes. Multiple-valued attributes must be in sequential order. If they are not, you receive an invalid format error. |
|
|
Note |
|
For LDIF and DSML, FIM decodes BASE64 encoded values as if they are UTF-8. These values are then converted to Unicode for import into the metaverse. |
|
|
Note |
|
For LDIF created from Active Directory using LDIFDE, the change type attribute will always be Full. |
|
|
Note |
|
For all text file-based management agents, except LDIF, when you run a management agent run profile in full import mode, the change type attribute (if configured) is ignored. When you run a management agent run profile in delta mode, the change type attribute (if configured) is applied. For management agents for LDIF, the change type attribute is checked when you run a full import. if the change type attribute is present, it must be Add. For all management agent types, if an error occurs in the processing of a change type attribute, an error message is written to the event log. |
|
|
Note |
|
For all text file-based management agents, except LDIF and DSML, you cannot configure a multi-valued attribute as a change type attribute. |
|
|
Note |
|
Number attribute types are Int64 integers with values ranging from negative 9,223,372,036,854,775,808 through positive 9,223,372,036,854,775,807. |
|
|
Note |
|
The table lists character and size limits. |
| Attribute | Size |
|---|---|
|
Name |
128 char. |
|
Value |
No size limit for attribute values in a connector space. 900 bytes for attribute values in the metaverse |
|
Constructed anchor name |
128 char. |
|
Constructed anchor name values |
900 bytes |