You can configure OSP so users can log in with an email address or another attribute available in the LDAP authentication server. If you use a non-default attribute, the server might take longer to respond to authentication requests, particularly when running workflows for a review definition. Also, OSP automatically times out LDAP connections after 15 seconds. To ensure a rapid response time, the LDAP authentication server should have an index for the login attribute. If using Identity Governance with Identity Manager, you also must specify that attribute in the RBPM Configuration Utility.
NOTE:Active Directory automatically creates an index for the "mail" attribute.
If using with Identity Manager, to specify the login attribute, complete the following steps:
Run the RBPM Configuration utility.
For more information, see Configuring the Identity Manager Components
in the NetIQ Identity Manager Setup Guide for Linux.
Select Authentication > Show Advanced Options.
For more information, see Authentication Configuration
in the NetIQ Identity Manager Setup Guide for Linux.
For Duplicate resolution naming attribute, specify the attribute that you want to use for login activities. For example, Internet Email Address.
Save your changes.
(Conditional) If using with Identity Manager, to create an index for the login attribute in eDirectory, complete the following steps:
Create the index.
For more information, see Creating an Index
in the NetIQ eDirectory Administration Guide.
For the attribute, select the same attribute that you specified for Duplicate resolution naming attribute in the configuration utility.
For the index rule, specify Value.
Complete the process for creating the index.