Resolution
fact
Directory and Resource Administrator 6.x
symptom
A property validation policy based on the FirstName attribute does not enforce the First name field in Directory and Resource Administrator.
symptom
A policy configured with the following parameters will not enforce any property validation for the First name field in Directory and Resource Administrator.
cause
The First name field in a user account's properties screen as displayed by Directory and Resource Administrator (DRA) and by Active Directory Users & Computers refers to the givenName property in Active Directory.
fix
Configuring the policy as shown below will enforce property validation of the First name field in DRA.
Directory and Resource Administrator 6.x
symptom
A property validation policy based on the FirstName attribute does not enforce the First name field in Directory and Resource Administrator.
symptom
A policy configured with the following parameters will not enforce any property validation for the First name field in Directory and Resource Administrator.
- Apply to: All ActiveViews, All Assistant Admins
Select object class: User
Select class property: FirstName
Default value: blank
Property format mask: *
Valid property: blank
Required property: selected
cause
The First name field in a user account's properties screen as displayed by Directory and Resource Administrator (DRA) and by Active Directory Users & Computers refers to the givenName property in Active Directory.
fix
Configuring the policy as shown below will enforce property validation of the First name field in DRA.
- Apply to: All ActiveViews, All Assistant Admins
Select object class: User
Select class property: givenName
Default value: blank
Property format mask: *
Valid property: blank
Required property: selected
Additional Information
Formerly known as NETIQKB3373