Follow this task to configure a property extension repository to
store attributes that cannot be stored in your Lightweight Directory Access
Protocol (LDAP) server.
About this task
For security and business reasons, you might not want to not allow
write operations to your repositories. However, applications calling the federated
repository configuration might need to store additional properties for the
entities. A federated repository configuration provides a
property extension
repository, which is a database regardless of the type of main profile
repositories, for a propertylevel join configuration. For example, a company
that uses an LDAP directory for its internal employees and a database for
external customers and business partners might not allow write access to its
LDAP and its database. The company can use the
property extension repository in
a federated repository configuration to store additional properties for the
people in those repositories, excluding the user ID. When an application uses
the federated repository configuration to retrieve an entry for a person,
the federated repository configuration transparently joins the properties
of the person that is retrieved from either the LDAP or the customer’s database
with the properties of the person that is retrieved from the property extension
repository into a single logical person entry.
When you configure a property
extension repository, you can supply a valid data source, a direct connection
configuration, or both. The system first tries to connect by way of the data
source. If the data source is not available, then the system uses the direct
access configuration.
Restriction: You cannot configure a property
extension repository in a mixedversion deployment manager cell.