Custom Attributes are not populated with LDAP values when manager attributes are used
search cancel

Custom Attributes are not populated with LDAP values when manager attributes are used

book

Article ID: 160271

calendar_today

Updated On:

Products

Data Loss Prevention Enforce Data Loss Prevention

Issue/Introduction

LDAP plugin for custom attribute lookup is set up and loaded correctly. However, the custom attributes are not populated with LDAP values when manager attributes are used.

Resolution

Scenario:

  • The LDAP plugin for attribute lookups is already setup: Configuring LDAP Lookup Plug-Ins (broadcom.com)
  • The plugin loaded succesfully and the default Attribute Lookup completes without any errors.
  • However, Custom Attributes are not populated with expected LDAP values.

Verification steps after Custom Attribute lookup is set up and loaded:

  1. Restart Enforce server
  2. Navigate to Custom Attributes page (System => Incident Data => Attributes => Custom Attributes tab) and click "Reload Plug-ins". Make sure you get a green success bar and not a red one.
  3. Under the Reports section, navigate to an incident snapshot and look up custom attributes on the right-hand side. Verify that attribute values are populated. 

Resolution:
If manager is not defined in LDAP, all Manager attributes are filled with sender values.

attr.Manager = :(mail=$sender-email$):manager
attr.Manager\ First\ Name = :(distinguishedName=$Manager$):givenName
attr.Manager\ Last\ Name = :(distinguishedName=$Manager$):sn
attr.Manager\ Phone = :(distinguishedName=$Manager$):telephoneNumber
attr.Manager\ Email = :(distinguishedName=$Manager$):mail

Additional Information

For more details on setting up Manager Email for attribute lookups, see Gathering user's manager details with LDAP lookup plugin (broadcom.com).

Powered by Wolken Software