Handling account attributes
Bravura Security Fabric includes a “catalog” of shipped default attributes for each target system type. The catalog includes each attribute’s native name, and default requirements, configured actions, and profile and request attribute mappings.
Note
Attribute information may not be available for some target system types (Telnet, Win32 Console, database script target systems). This is because these target systems are generally custom applications unique to each environment.
Bravura Security Fabric uses the attribute catalog to determine rules for “handling” each attribute when managing users on a target system. For example, the sequence number tells Bravura Identity the order in which the attributes should be set when a new account is created. The catalog also determines which attributes’ values should be loaded during auto discovery .
Bravura Security Fabric enables you to override the default rules for handling account attributes. Using the Manage the system (PSA) module you can:
Control how accounts are created, updated, or deleted
Determine which attributes to load during auto discovery
Add new attributes
For example, do this if you want to use an attribute that is not included in the attribute catalog, if your target system has a modified schema or if you are targeting a custom application.
Map account attributes to profile and request attributes, or change existing attribute mappings
Discover accounts in the case of sid (for Windows NT) and/or objectSid (for Active Directory) attributes.
The following sections detail how to override account attributes.