Novell ACCESS MANAGER 3.1 SP2 - IDENTITY SERVER GUIDE 2010 Manual page 283

LDAP write to succeed, each attribute must be properly mapped as an LDAP Attribute.
Additionally, you must enable the read/write permissions for each attribute in the Liberty/LDAP
attribute maps. See Section 13.6, "Mapping LDAP and Liberty Attributes," on page
To configure user provisioning:
1 In the Administration Console, click Devices > Identity Servers > Servers > Edit > Liberty [or
SAML 2.0] > [Identity Provider] > User Identification.
2 Click the Provisioning settings icon.
3 Select the required attributes from the Available Attributes list and move them to the Attributes
list.
Required attributes are those used in the creation of a user name, or that are required when
creating the account.
4 Click Next.
5 Select optional attributes from the Available Attributes list and move them to the Attributes list.
This step is similar to selecting required attributes. However, the user provisioning request
creates the user account whether or not the optional attributes exist on the service provider.
6 Click Next.
7 Define how to create the username.
Configuring User Identification Methods for Federation 283
304.