Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CT-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Crypto Command Center
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Windows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

SafeNet Synchronization Agent

Aliases 3 and 4

search
printsuggest an editpdf paneldownload

Aliases 3 and 4

You can configure Alias 3 and Alias 4 to be synchronized from the LDAP by creating a customized LDAP schema.

note

Note

Alias 1 and Alias 2 can be configured on the STA Token Management or SAS PCE console by the operator only. Alias 3 and Alias 4 can be synchronized from the LDAP source only.

You cannot change the default schema. But, you can modify a cloned schema.

copy link to clipboardClone the schema and define the aliases

  1. In SafeNet Synchronization Agent, click the Configuration tab.

  2. Click Configure in the LDAP Schema Configuration section.

    The LDAP Schema Management window displays.

  3. Click Clone and type a schema name in the field provided.

    alt_text

  4. Type the values for Alias 3 and Alias 4 in the fields provided.

    alt_text

    note

    Note

    The values must exactly match those in the corresponding LDAP source. In addition, each user name and alias must be unique within a STA or SAS PCE account. STA or SAS PCE resolve conflicts according to rules described in the Conflict resolution section.

  5. Click Apply and then OK to save your changes.

  6. Click the Status tab.

  7. Click Details in the Synchronization Details section.

    The User Source Connection Details window displays.

  8. Verify that the Mapping name exactly matches the Schema Name used in step 3.

  9. Click OK to close the User Source Connection Details window.

  10. Click Stop and then Start in the Service Status section.

    This sequence forces the LDAP Sync Agent to synchronize with the STA or SAS PCE server.

copy link to clipboardVerify changes to aliases

  1. From the STA Token Management or SAS PCE console, click Virtual Servers > Assignment.

  2. Search for the User with Alias 3 or Alias 4.

  3. Verify that the synchronized aliases (Alias 3 or Alias 4) display in the User Detail module.

copy link to clipboardConflict resolution

Alias 3 and Alias 4 may not be unique in the LDAP source. However, the LDAP synchronization process must be completed even when conflicts exist. The conflict resolution tables that follow indicate how STA or SAS PCE resolves such conflicts during provisioning and synchronization.

copy link to clipboardConflicts during provisioning

New user being added with conflicting … Existing User
Synced User ID Local User ID Synced Aliases Local Alias
New User Local User ID

New local user not added (UI message displayed)
Local Alias

New local user not added (UI message displayed)

copy link to clipboardConflicts during synchronization

New user being added with conflicting … Existing User
Synced User ID Local User ID Synced Aliases Local Alias
New User Synced User ID

New synced user not added

New synced user is added, overwrites local user

New synced user is added

Deletes previously synced alias

New synced user is added

Deletes local alias
Synced Alias

New synced user IS added without the alias

New synced user IS added without the alias

New synced user IS added without the alias

New synced user is added

Deletes local alias
note

Note

In case of a conflicting alias, to release the alias from one user so that it can be synced to another user, change the alias value instead of deleting it. Changing the alias value allows STA or SAS PCE to trigger a process to attempt to re-resolve the conflict (simple alias deletion will not).

On this page