Follow this task to configure a property extension repository
to store attributes that cannot be stored in your Lightweight Directory
Access Protocol (LDAP) server.
About this task
For security and business reasons, you might want to prohibit
write operations to your repositories. However, applications calling
the federated repository configuration might need to store additional
properties for the entities. A federated repository configuration
provides a
property extension repository, which is a database
regardless of the type of main profile repositories, for a propertylevel
join configuration. For example, a company that uses an LDAP directory
for its internal employees and a database for external customers and
business partners might not allow write access to its LDAP and its
database. The company can use the
property extension repository in
a federated repository configuration to store additional properties
for the people in those repositories, excluding the user ID. When
an application uses the federated repository configuration to retrieve
an entry for a person, the federated repository configuration transparently
joins the properties of the person that is retrieved from either the
LDAP or the customer's database with the properties of the person
that is retrieved from the property extension repository into a single
logical person entry.
When you configure a property extension
repository, you can supply a valid data source, a direct connection
configuration, or both. The system first tries to connect by way of
the data source. If the data source is not available, then the system
uses the direct access configuration.
Restriction: You
cannot configure a property extension repository in a mixed version deployment manager cell.