How to Define the Search Container
The Profiles Schema Manager provides three attributes for defining the starting search container:
ParentDN
DefaultParentURL
Parent URL
These attributes are arranged in a hierarchy that determines the precedence for searching. The following three topics are arranged according to this hierarchy.
ParentDN
The ParentDN attribute is optionally added to the profile definition to specify the distinguished name (DN) of the starting search container. If used, this attribute enables the container to be specified for an individual profile and overrides the settings for the DefaultParentURL and Parent URL attributes. Specifying this attribute provides the most detailed level of control.
DefaultParentURL
The DefaultParentURL attribute is added as a custom attribute to the profile definition. The value of this attribute is relative to the defaultNamingContext custom attribute specified for the data source. This value is used as the starting search container for all profiles (of this definition type) that do not have a different value specified in a ParentDN attribute. This attribute overrides the Parent URL attribute.
Parent URL
You can configure the Parent URL attribute on the System Attributes tab in the Properties dialog box for the LDAP data source that is using the Profiles Schema Manager. The value of this attribute is the distinguished name of the starting search container.
As an example, assume that existing accounts are stored in CN=Users,DC=testDomain,DC=com. One way to direct the Profiles System to read accounts from this container is to set the Parent URL attribute of the Active Directory data source to CN=Users,DC=testDomain,DC=com. The Profiles System will perform all subsequent directory operations against this container unless overridden by the DefaultParentURL attribute or the ParentDN attribute.
See Also
Other Resources
Managing Active Directory Accounts