A default value is provided, select "Customize" to provide your own values in the Custom query start field.
Custom query start
If you select "Customize" for the Base DN field, provide a Custom query start.
You can customize the base DN to refocus the search to a specific part of the directory tree. Custom query start lets you configure the query to fit your particular needs and return data more quickly.
Primary email attribute
Provide a Primary email attribute for the address resolution query, if desired.
The query filter instructs the directory data service to return data using attributes and tokens that describe a specific LDAP query syntax.
Primary email attribute
In the Primary email attribute field, provide the attribute in your LDAP schema that is used to store the primary email address information for the query.
If you provide multiple primary email attributes, the system selects the first attribute (based on alphabetical order) to use as the primary attribute for query purposes. The subsequent values appear as aliases, but only if the primary attribute and alias attribute names defined for the data source function are the same.
If you specify a primary email attribute of "proxyAddresses", the directory data service automatically identifies the attribute value that is prepended with "SMTP:" as the address. You do not need to specify this prefix in the field.
Email alias attribute (optional)
In the Email alias attribute field, the attribute in your LDAP schema that is used to store the email alias address information.
Distribution list object classes
In the Distribution list object classes field, list the object classes in your LDAP schema to be used to identify distribution list entries.
Child membership attributes
In the Child membership attributes field, provide the names of the attributes, separated by semicolons, that are in your schema used to define members of a group.
If you do not provide a child membership attribute, distribution lists, and groups are not expanded. Choosing not to expand groups does create a performance benefit. It also means, however, that policies can only be applied to the email address of the recipient since LDAP group membership are not evaluated. Indirect policy groups through email aliases are still honored.
Click Restore Defaults to remove your edits to the address resolution query fields and replace them with the default values.
Test email address
Provide a Test email address that can be used to test and validate your query.
To validate the defined address resolution query against the data source click Test Query.
This test is conducted against the directory data service instance that is running on the Control Center host. The test cannot verify connectivity from attached scanners to your LDAP server.
If your query is successful, you can click the icon next to the Test Query option to display all query results. This test reports all email addresses and user preferences that are associated with the test email address. If the recipient is a distribution list, this information is provided for all users belonging to that distribution list.
Test results reflect only the data source being tested. Test results do not provide information about the effects of other data sources or system settings such aliasing and masquerading.
Query filter (optional)
Provide a Query filter (optional) for the group listing query, if desired.
The attribute describes the email address or attribute element to be searched and the token describes the parameters that are used to return data.
For example, for a SunONE data source, you might use the following query filter to identify all groups within the directory:
Click Restore Defaults to remove your edits to the group listing query configuration fields and replace them with the default values.
Click Test Query to validate the defined group listing query against the data source instance that is running on the Control Center host.
Test results reflect only the data source tested. The query returns a representative sample of groups found in the directory and is conducted against the directory data service instance that is running on the Control Center host. It cannot be used to verify connectivity from attached scanners to your LDAP server.
Click Save to return to the Add Directory Data Source - Directory Data Source Functions page.