Various attributes

The next table shows various additional attributes relevant for the LDAP Connector plugin.

Attribute name (examples)

Usage

Type

LDAP Connector plugin

LDAP Token List Persister plugin

LDAP Password Self- Service Token Persister plugin

selfRegisteredFlag

Flag indicating if a user is self-registered

Boolean

O

selfRegistrationDate

Holds the self-registration date (if applicable)

Timestamp

O

channelVerificationResends

Holds the number of completed resends of the channel verification token during the user's self-registration

Integer

O

secretQuestionsEnabled

Indicates if secret questions are enabled for this user

Boolean

O

roles, memberOf

Roles or role-entry-DNs specifying the user's roles. Roles can also be resolved from a different directory tree using a search tree and filter.

String (multi-value), DN (multi-value)

O

lastGsidValue

Holds the last global session ID. May be empty.

String

O

lastGsidDate

Holds the date when the global session ID was last updated. May be empty.

Timestamp

O

[other attributes]

Any other string attributes (such as sn, givenName, street, l, etc.) can be read/written into/from the so called context data container. The data can be used in Airlock IAM plugins (e.g., admintool user profile or in generated letters).

String (single- or multi-value)

O

R = Required by plugin
O = Optional, may be used by plugin