Sending Attributes To The Embedded Service Provider - Novell ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 Manual


3 Select an attribute set.
4 Select attributes from the Available list, and move them to the left side of the page.
  The left side of the page lists the attributes that you want sent in an assertion to the service provider.
5 Click OK twice.
6 Update the Identity Server.

7.6.3 Sending Attributes to the Embedded Service Provider

You can configure the Embedded Service Provider (ESP) of the Access Gateway to receive
attributes when the user authenticates. LDAP traffic is reduced and performance is improved when
the required LDAP attribute values are retrieved during authentication. This improvement is easily
seen when you have many users and you have configured Identity Injection or Authorization
policies to protect resources and these policies use LDAP attributes or Identity Server roles.

When the authentication process does not gather the LDAP attribute values, each user access can
generate a new LDAP query, depending upon how the user accesses the resources and how the
policies are defined. However, if the LDAP values are gathered at authentication, one LDAP query
can retrieve all the needed values for the user.

1 In the Administration Console, click Devices > Identity Servers > Shared Settings.
2 On the Attributes page, click New, specify a name, then click Next.
3 For each attribute you need to add because it is used in a policy:
  3a Click New.
  3b In the Local attribute drop-down list, scroll to the LDAP Attribute section, then select the attribute.
  3c Click OK.
     The other fields do not need to be configured.
4 If you use Identity Server roles in your policies, click New, select the All Roles attribute, then click OK.
5 Click Finish.
  This saves the attribute set.
6 Click Servers > Edit > Liberty.
7 Click the name of the Embedded Service Provider.
  If the Embedded Service Provider is part of a cluster of Access Gateways, the default name is the cluster name. If the Access Gateway is not part of a cluster, the default name is the IP address of the Access Gateway.
8 Click Attributes.
9 For the attribute set, select the set you created for the Embedded Service Provider.
10 Select attributes from the Available list, then move them to the left side of the page.
11 Click OK, then update the Identity Server.