Skip to main content

Example: Mapping a group attribute

The following example demonstrates how to map a group attribute values pulled from an Active Directory target system to a resource attribute created in Bravura Security Fabric .

This example assumes that an Active Directory target system has been added with the List group attributes option enabled, and that auto discovery has been run.

Add a new resource attribute

  1. Click Manage the system > Resources > Resource attributes.

  2. Click Add new…

  3. Enter the following values:

    ID

    GROUP_TYPE

    Description

    Group type

    Type

    String

    Minimum required number of values

    1

    2558.png

  4. Add restricted values:

    1. Click the Restricted values tab.

    2. Type Security in the Actual value and Displayed value fields, then click More.

    3. Type Distribution in the Actual value and Displayed value fields.

    4. Click Update.

Set resource attribute access controls

To set access controls for the new resource attribute, add it to a resource attribute group:

  1. Click Manage the system > Resources > Resource attribute groups.

  2. Select GROUP_INFO_CREATE.

  3. Click the Members tab.

  4. Click Select…

  5. Select the checkbox for GROUP_TYPE then click Select.

    The resource attribute can now used in group creation requests.

Repeat this procedure for the GROUP_INFO_UPDATE resource attribute group if you want to allow users to update the attribute.

Map a group attribute to the new resource attribute

Override the default action for the Active Directory target system’s _groupType attribute:

  1. Click Manage the system > Resources > Group attributes.

  2. Select the Target system override level.

  3. Select the Active Directory target system.

  4. Click the Defaults tab.

  5. Search for and select the _groupType attribute.

    2559.png

  6. Click Override.

  7. Set Action when creating group to ”Set to specified value”.

  8. Set Action when updating group to ”Set to specified value when mapped profile attribute changes”.

  9. Click the search 3332.png icon in the Map group attribute to resource attribute field.

  10. Select GROUP_TYPE.

    2560.png

  11. Click Add.

  12. Confirm the attribute mapping changes.

The Active Directory target system’s group attribute is now mapped to the Bravura Security Fabric resource attribute.

The following sections describe options and steps in more detail.

In this section: