Rules and Guidelines for LDAP Objects
Consider the following rules and guidelines for LDAP sources and targets:
- You cannot configure a lookup for an LDAP object in tasks.
- You cannot use filters for data that contains the Binary data type.
- You can use only the advanced filter for Generalized Time and UTCTime data types.
- You cannot use Less Than, Greater Than, Starts With, Ends With, Contains, Is Null, and Is Not Null operators in a basic filter.
- Ensure that the advanced filter expression has a valid LDAP syntax.
- You cannot use LDAP Connector to update the description attribute because of a restriction in the JNDI API.
- When you create entries for a user in Active Directory, you cannot set the password for that user. You do not have the required permissions to update passwords using the JNDI APIs.
- When you use a basic filter for an LDAP source, you must map the fields on which you applied the filter before you run the task.
- The Secure Agent fetches the attributes of security principal object classes only for the User, Group, and Computer object classes from Active Directory.
- When you write data that contains reserved characters to a distinguished name, you must add a backslash before each occurrence of a reserved character. The reserved characters include a space or # character at the beginning of a string and a space character at the end of a string. Other reserved characters include , + " \ < > ; LF CR = /
- If you use an LDAP secure connection with custom certificates in a task to read or write data to an LDAP server, the connection might fail when the version of the Secure Agent is 30.0 or later. The error occurs if the server certificates are not available in the latest <Secure Agent installation directory>\main\tomcat and <Secure Agent installation directory>\main\rdtm directories. You must place the server certificates in the latest rdtm and Tomcat directories of the Secure Agent installation.
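
The reserved-character rule for distinguished names above, as an added Python example (not Informatica code; the function names and the sample row are constructed for illustration). It applies the backslash rule exactly as the guideline states it and shows that an unescaped comma in a value changes the number of components in the resulting DN.

```python
# Added example (not Informatica code); function names are hypothetical.
# Characters the page says need a backslash wherever they occur in the value.
ALWAYS_ESCAPED = set(',+"\\<>;\n\r=/')


def escape_dn_value(value):
    """Backslash-escape one attribute value before placing it in a DN."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        needs_escape = (
            ch in ALWAYS_ESCAPED
            or (i == 0 and ch in " #")    # space or # at the beginning
            or (i == last and ch == " ")  # space at the end
        )
        out.append("\\" + ch if needs_escape else ch)
    return "".join(out)


def build_dn(rdns):
    """Join (attribute, raw value) pairs, most specific first, into a DN."""
    return ",".join(f"{attr}={escape_dn_value(val)}" for attr, val in rdns)


def split_unescaped(dn, sep=","):
    """Split a DN on separators that are not part of a backslash escape."""
    parts, cur, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur.append(dn[i:i + 2])  # keep the escape pair together
            i += 2
        elif dn[i] == sep:
            parts.append("".join(cur))
            cur = []
            i += 1
        else:
            cur.append(dn[i])
            i += 1
    parts.append("".join(cur))
    return parts


if __name__ == "__main__":
    # Constructed sample row: a display name that contains a comma.
    row = [("CN", "Smith, John"), ("OU", "Staff"), ("DC", "example"), ("DC", "com")]
    naive = ",".join(f"{a}={v}" for a, v in row)
    safe = build_dn(row)
    print(len(split_unescaped(naive)), naive)  # the comma adds a component
    print(len(split_unescaped(safe)), safe)    # same component count as the row
```

Apply the escaping to each attribute value separately, before the values are joined into the DN, so that the separators between components stay unescaped.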