The ldap.attributeMappingValues property defines the LDAP attributes that are retrieved from the LDAP data store and saved in the user’s subject record during authentication. The position of the attributes in the mapping determines where the LDAP information is stored; for example, in the default definition, the sixth attribute of ldap.attributeMappingValues, sn, maps to the sixth attribute of ldap.attributeMappingNames, lastName. During authentication, the value of the LDAP attribute sn (surname) is stored in the ACDB subject table column that corresponds to lastName.
To use user name/password-based authentication, the LDAP user ID attribute, typically uid, must be a unique identifier that users present when logging in. The iPlanet Directory Server, Netscape Directory Server, and all other servers that support the inetOrgPerson object class, use the attribute name uid. For servers that do not support the inetOrgPerson object class, this name may be different; for example, the Microsoft Active Directory attribute name is userPrincipalName.
