This is an old revision of the document!
Configuration of LDAP Directories to be Synchronized
Key Attribute
Every object in a LDAP directory is uniquely identifiable by its distinguished name (DN). To specify a certain LDAP user entry for authentication purposes it is necessary to build up its distinguished name.
Given the example above, the DN for a user entry could be:
<font inherit/Courier New,Courier,monospace;;inherit;;inherit>CN=<userName>,OU=User,DC=pkit,DC=methodpark,DC=de</font>
The value <username> is assumed to be unique in that case. As every user has its own <username> value, it is necessary to set that attribute value for each user respectively before the user can be authenticated.
The key attribute is therefore used to specify a Stages user attribute, whose value will be set in an authentication schema to build up the distinguished name of a LDAP user entry.
Possible values for the key attribute are:
- username
- fullname
- authenicationUsername