Product: Radiant FID, AD Connector
Purpose: How to configure Linked Attribute 'memberof' for cached views
Procedure: With the AD Connector, you have to cache the groups on VDS and then configure isMemberOf. Without configuring isMemberOf, memberof is only updated when the AD connector receives some other update on that entry.
Usually, the link attribute is returned only when explicitly requested by a client.
It is always returned, even when not explicitly requested by the client, if:
- the back link location and forward link location are stored in HDAP or Persistent Cache
- “Hide Operational Attribute” is disabled
- the “Optimize Linked Attribute” option is enabled
To configure isMemberOf attributes, follow the steps below:
- On the Main Control Panel, click Settings -> Interception -> Special Attributes Handling.
- Under the Linked Attributes section, click Add. The Configure Mapping window is displayed.
- Select “isMemberOf” from the Back Link Attribute Name dropdown list.
- In the Link Attribute Names field, select or type in: member
- Click Choose next to the Target Base DN field. The Choose your base DN window is displayed.
- Select a base DN containing the entries (e.g. users) for which the back link attributes should be managed.
- Click OK. You are returned to the Add Linked Attribute Mapping window.
- Under Source Base DNs, click Add. The Choose your base DN window is displayed.
- Select a base DN containing the entries (e.g. groups) applicable for the objects (containing the forward link) matching what was defined in step 6 above and click OK.
- The configuration is displayed in the Linked Attributes section.
- Click the Save button in the upper right corner.
- Go to the cache properties in the Directory Namespace tab -> enable the “Optimize Linked Attributes” option.
- Click Save in the upper right corner.
- Re-initialize the cache: Refresh Settings tab > Initialize.
- Click OK after completing the rebuild.
- Save
- Uncheck the Hide Operational Attributes option on the Main Control Panel -> Settings tab -> Server Front End -> Attributes Handling section.
- Check that “isMemberOf” is listed under Extension Attributes in the cache properties in the Directory Namespace tab.
- To check the result, go to the Directory Browser tab and expand the branch where you have the users of your cache.
- Select a user and select the Search button. The Search window is displayed.
- Select the Subtree option for Scope.
- Click Search.
- In the Directory Tree View pane, click the user value. The results are displayed.
- If the user were removed from one of these groups or added to a new group located in the base DN provided while creating the linked attribute, their isMemberOf attribute would reflect this automatically.
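The check in the last steps can also be done in bulk. The following is an added example, not part of the original article or of RadiantOne tooling: it derives the expected isMemberOf values from the groups' member attribute and reports users whose back links are missing or stale, which matters when applications authorize on isMemberOf. The base DNs and all entries are constructed sample data standing in for search results exported from the cached view.

```python
# Added example. All DNs and entries below are constructed sample data.
TARGET_BASE = "ou=users,o=cache"        # assumed Target Base DN (users)
SOURCE_BASES = ["ou=groups,o=cache"]    # assumed Source Base DNs (groups)

GROUPS = {  # forward links: group DN -> attributes
    "cn=Admins,ou=groups,o=cache": {"member": ["cn=alice,ou=users,o=cache", "CN=Bob, OU=Users, o=cache"]},
    "cn=VPN,ou=groups,o=cache": {"member": ["cn=alice,ou=users,o=cache"]},
    "cn=Legacy,ou=other,o=cache": {"member": ["cn=bob,ou=users,o=cache"]},  # outside source base
}
USERS = {  # back links as returned by a search on the cached view
    "cn=alice,ou=users,o=cache": {"isMemberOf": ["CN=Admins,ou=groups,o=cache", "cn=VPN,ou=groups,o=cache"]},
    "cn=bob,ou=users,o=cache": {},                                              # back link missing
    "cn=carol,ou=users,o=cache": {"isMemberOf": ["cn=VPN,ou=groups,o=cache"]},  # stale back link
}

def norm(dn):
    """Simplified DN normalization (no escaped commas): lowercase, trim around ',' and '='."""
    return ",".join("=".join(p.strip() for p in rdn.split("=", 1)) for rdn in dn.lower().split(","))

def under(dn, base):
    """True if dn equals base or sits below it."""
    dn, base = norm(dn), norm(base)
    return dn == base or dn.endswith("," + base)

def expected_backlinks(groups, target_base, source_bases):
    """Derive each user's isMemberOf from 'member' on groups under the source base DNs."""
    expected = {}
    for group_dn, attrs in groups.items():
        if not any(under(group_dn, b) for b in source_bases):
            continue  # group is not covered by the linked attribute mapping
        for member in attrs.get("member", []):
            if under(member, target_base):
                expected.setdefault(norm(member), set()).add(norm(group_dn))
    return expected

def audit(users, groups, target_base=TARGET_BASE, source_bases=SOURCE_BASES):
    """Return {user_dn: {"missing": [...], "stale": [...]}} for users whose back links drifted."""
    expected = expected_backlinks(groups, target_base, source_bases)
    drift = {}
    for user_dn, attrs in users.items():
        if not under(user_dn, target_base):
            continue
        got = {norm(g) for g in attrs.get("isMemberOf", [])}
        want = expected.get(norm(user_dn), set())
        if got != want:
            drift[norm(user_dn)] = {"missing": sorted(want - got), "stale": sorted(got - want)}
    return drift

if __name__ == "__main__":
    for dn, diff in audit(USERS, GROUPS).items():
        print(dn, diff)
```

An empty result means every user's isMemberOf matches the forward links; any entry listed after a cache re-initialization points to a mapping or base DN that does not cover the intended groups or users.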