SDL Format
The SDL format is the format used for local device authentication. This format adopts the LDIF file format, which uses the ldif file extension. LDIF (LDAP Data Interchange Format) is used for transferring directory information between LDAP directory servers, etc.
Each record in an LDIF file is separated by at least one empty line. A record consists of multiple lines that do not include any empty lines. Each record contains an ID line (which can be omitted) and multiple entries. Each entry contains an attribute name and an attribute value separated by a colon. If only blank spaces appear after the colon, that entry is ignored. If an entry is split by a line break code followed by one space, that line break code and space are ignored, and the characters after them are treated as a continuation of the previous line, even if they are spaces. Either carriage return + line feed or line feed only can be used as the line break code. Line breaks are not allowed before the colon. Lines starting with # are ignored.
UTF-8 is used for character encoding.
Examples:
dn: uid=J00001
userPassword: {sdl}1234567890abcdefghijklmn
canonUid: 1000001
canonPwd: 1010001
cn: SampleUser01
cn;lang-ja;phonetic:
mail: SampleUser.J00001@example.co.jp
objectClass: top
objectClass: person
Input File Format
| Attribute name | Can be omitted? | Default value used when omitted | Item name in SSO-H | Description |
| --- | --- | --- | --- | --- |
| dn | No | - | User Name | "uid="login user name ("uid=" can be omitted). Must be from 1 to 32 characters. You cannot include spaces or the following symbols (\ / : * ? l < > [ ] ; , = + @ "). |
| userPassword | Yes | - | Password (corresponding to the user name) | When encrypted: the attribute value starts with "{sdl}". Use the encrypted value from the exported file. When not encrypted: You can leave this blank or enter up to 32 characters. |
| canonUid | Yes | - | Department ID | Must be from 1 to 7 digits. |
| canonPwd | Yes | - | PIN (corresponding to the department ID) | You can leave this blank or enter up to 7 digits. |
| cn | Yes | null | Displayed As | You can leave this blank or enter up to 32 characters. |
| cn;lang-ja;phonetic | Yes | null | - | - |
| mail | Yes | null | E-Mail Address | You can leave this blank or enter up to 256 ASCII characters. The format of e-mail addresses is not checked. |
| Role | Yes | General User | Select Role to Set | If you select "Administrator," the user type is set as the administrator. If it is omitted, default role is set. |
| objectClass | Yes | null | "top" | "top" (fixed) |
| objectClass | No | Not limited | "person" | "person" (fixed) |
The attribute names can be specified in any order. Unnecessary attribute names can be omitted.
User Type is not included in the input format. After the import is performed, edit it to "Administrator" as necessary.
Output File Format
| Attribute name | Corresponding user information on the [Register]/[Edit] screen of [User Management] | Description |
| --- | --- | --- |
| dn | User Name | The login user name. |
| userPassword | Password (corresponding to the user name) | The attribute value starts with "{sdl}" and the password is encrypted. |
| canonUid | Department ID | The department ID. |
| canonPwd | PIN (corresponding to the department ID) | Is not encrypted. If there are not enough digits, zeros are added to the start of the number. |
| cn | Displayed As | The display name. |
| cn;lang-ja;phonetic | - | - |
| mail | E-Mail Address | The e-mail address. |
| Role | Select Role to Set | If you select "Administrator," the user type is set as the administrator. If it is omitted, default role is set. |
| objectClass | - | "top" (fixed) |
| objectClass | - | "person" (fixed) |
User Type is not output.
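The record rules and credential attributes described above, as an added example that is not part of the original documentation: a small Python parser that applies the separation, folding, comment and blank-value rules, then flags credential fields that are not encrypted in a file. The function names and sample records are constructed for illustration, and dropping leading spaces after the colon is an assumption.

```python
import re

def parse_sdl(text):
    """Parse SDL (LDIF) text into a list of {attribute: [values]} records."""
    logical = []                                   # unfolded lines
    for raw in text.replace("\r\n", "\n").split("\n"):
        if raw.startswith(" ") and logical and logical[-1] != "":
            logical[-1] += raw[1:]                 # line break + one space: continuation
        else:
            logical.append(raw)
    records, current = [], {}
    for line in logical + [""]:                    # trailing "" flushes the last record
        if line == "":                             # empty line ends a record
            if current:
                records.append(current)
            current = {}
        elif not line.startswith("#"):             # lines starting with # are ignored
            name, _, value = line.partition(":")
            if value.strip():                      # only blanks after the colon: ignored
                # Assumption: leading spaces after the colon are not part of the value.
                current.setdefault(name, []).append(value.lstrip(" "))
    return records

def audit_credentials(records):
    """Return (dn, attribute, issue) tuples for credential fields."""
    findings = []
    for rec in records:
        dn = rec.get("dn", ["<no dn>"])[0]
        for pw in rec.get("userPassword", []):
            if not pw.startswith("{sdl}"):         # only "{sdl}" values are encrypted
                findings.append((dn, "userPassword", "not encrypted"))
        for uid in rec.get("canonUid", []):
            if not re.fullmatch(r"[0-9]{1,7}", uid):
                findings.append((dn, "canonUid", "not 1 to 7 digits"))
        for pin in rec.get("canonPwd", []):        # the PIN is never encrypted in the file
            findings.append((dn, "canonPwd", "PIN stored unencrypted"))
    return findings

# Constructed sample (not from a real device): mixed CRLF/LF, a folded value, a blank entry.
SAMPLE = ("# constructed sample\r\n"
          "dn: uid=J00001\r\n"
          "userPassword: {sdl}1234567890abcdef\r\n"
          " ghijklmn\r\n"
          "canonUid: 1000001\r\ncanonPwd: 1010001\r\n"
          "cn;lang-ja;phonetic:\r\nobjectClass: top\r\nobjectClass: person\r\n"
          "\r\n"
          "dn: uid=J00002\nuserPassword: hunter2\ncanonUid: 12345678\n")

if __name__ == "__main__":
    print(*audit_credentials(parse_sdl(SAMPLE)), sep="\n")
```

Because the PIN is written unencrypted on export, any file that carries canonPwd should be stored and transferred with the same care as a password list.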