...
The LDAP Source Plugin can select an arbitrary attribute from the LDAP record to assign to the Org Identity as an Identifier of type UID. This is intended as an interim capability until a more general solution is implemented (CO-1346).
Supported Attributes
The following attributes are currently supported by LdapSource:
| LDAP Attribute | Org Identity Source Attribute |
|---|---|
| edupersonaffiliation | Affiliation |
| employeenumber | Identifier/identifier, type=Enterprise |
| givenname | Name/given, type=Official |
| l | Address/locality, type=Office |
| EmailAddress/mail, type=Official, verified | |
| o | o |
| ou | ou |
| postalcode | Address/postal_code, type=Office |
| sn | Name/family, type=Official |
| st | Address/state, type=Office |
| street | Address/street, type=Office |
| telephonenumber | TelephoneNumber/number, type=Office |
| title | title |
Constraints
Full syncs are dependent on the LDAP server having sufficiently high search limits to allow the full directory to be read, or for binding to be performed with a Bind DN with unlimited search permission.
...