Hi Jens, Assuming several suffixes within a single LDAP repository and user already exists in LDAP, point SCIM at the root suffix. At runtime, SCIM can retrieve and validate users from any OU under root suffix. Once the User is retrieved, profile attributes within SCIM schema can be added/modified.
One classic example is to authenticate user, create and update 2-factor knowledge questions for user.
Are you intending to provision/register users via SCIM or a different service?
Regards,
Rama
------------------------------
Rama Yenumula
------------------------------
Original Message:
Sent: Wed May 13, 2020 09:15 AM
From: Jon Harry
Subject: SCIM search Suffix
Hi Jens,
I don't think it is possible to search multiple suffixes with SCIM. I assume you don't have a parent suffix that would cover all of the different suffixes that you want to check? I had a thought that maybe if you use the ISAM Runtime as the Server Connection (instead of LDAP) it might help but I have not had a chance to try it.
I'm afraid it is NOT possible to customize the SCIM schema. You can modify the mapping to LDAP attributes but you can't create new SCIM schema or attributes.
Jon.
------------------------------
Jon Harry
Consulting IT Security Specialist
IBM
Original Message:
Sent: Tue May 12, 2020 04:36 AM
From: Jens Petersen
Subject: SCIM search Suffix
Hi All,
we have a LDAP with several Suffixes for different Portal applications. Would it be possible to configure SCIM to support mir than one Suffix?
Also I wonder if I could extend the SCIM schema somehow. The Attribute mapping allows different LDAP Attributes to existing SCIM Attributes but in several cases the schema is not flexible enough to support the portal applications.
thanks for any hint
------------------------------
Jens Petersen
------------------------------