It is possible to create vSEC:CMS variables that can be mapped to directory attributes, typically Active Directory (AD) attributes, and used to retrieve values that can be used when issuing and managing a credential. In this article we will describe how you can create a variable and map this to an AD attribute and use this in a template when issuing a credential.
It will be required that at minimum you have already successfully completed the configuration steps described in the article Setup Evaluation Version of vSEC:CMS. The instructions in this document are applicable regardless of whether you are running the evaluation version or a production version.
In this section we will describe how you can create and map the variable within vSEC:CMS. We will use a simple example of mapping a variable to an AD attribute, sAMAccounName in this case.
Navigate to the Options - Variables page and click on Add. From the drop-down box select Directory (DN:User). Enter the variable name that vSEC:CMS will use into the Variable name field. Enter a label value into the Label field that will be displayed wherever the variable is selected on other dialogs within the console application. Enter a description in the Description field for a more detailed description as to what the variable will be used for.
Map Variable to AD Attribute
Presuming that you have already created a credential template, navigate to Templates - Card Templates and select the template you want to use and click Edit. From the Issue Card [Edit] section click Manage for the AD connection that you use in the User ID Options section.
Select the AD connection you use again from the next dialog and click Edit.
Select Edit from the next dialog.
Select the variable that you created before and click Get.
You will be prompted to select a user from your AD. Select any user that you want to use and you will see a dialog with all AD attributes available for this user. You can use the filter field in the top right to search for the AD attribute that you want to map to as in example below.
On selecting Ok from the previous dialog the AD attribute will then be mapped to the CMS variable. Then from the dialog below click Save.
You can test that the mapping is working as expected. From the previous dialog click the Get ID button to search for a user from your AD. Once selected click the Edit button. Then click the Test button from the next dialog. You should see something similar to below where you can see the CMS variable and the value (bob in this example) retrieved from AD.
You can then use the variable in your template wherever you want this information to be shown or displayed.