5.6 Working with Distinguished Names

The following controls provide specialized support for distinguished names (DNs):

This section describes the specialized support, including the following:

5.6.1 Formatting DNs

If you have a DN value, you can display either the DN or a set of attributes related to that DN. For example, if the control displays the DN of a user entity, you could display the user entity's First Name and Last Name attributes instead. The controls that support this feature are DNDisplay, DNLookup, MVEditor, and Picklist.

You define the attributes to display in the control’s Display Expression property. This display expression resolves at runtime by replacing the attribute keys with the attribute values.

5.6.2 Working with Object Selectors

In some cases, you might want the user to search for and select a DN from a list of possible values. The object selector dialog box (also called the object lookup dialog box) provides this functionality. The contents of the object selector dialog box are controlled by the form control’s properties (see Table 5-28), and by how DAL properties are defined (see DNLookup Control Type Definitions and Object Selector Contents).

The object selector only supports attributes of String or DNLookup data types whose directory abstraction layer access properties for required and searchable are set to true.

Table 5-28 Properties for Defining the Object Selector Dialog Box

Property

Description

Entity key for DN expression lookup

This is the key to the directory abstraction layer entity whose DN you want to search for or display. This is a required field.

Object selector type

paramlist: Causes the object selector dialog box to perform an object lookup. You specify the lookup criteria via the Entity key for DN expression lookup property.

container: Causes the object selector dialog box to display one or more containers for selection. The containers for searching are determined by the Search container property that is specified in the directory abstraction layer for the entity named in the Entity key for DN expression lookup property. For example, if the Entity key for DN expression lookup property is Group, the search container is set to %group-root% by default. If no entity is specified you will get an error message about missing or bad Container Selector properties

Show object selector button

If set to True, the object selector button shows up on the control. Otherwise, it does not.

DNLookup Control Type Definitions and Object Selector Contents

When you specify an Entity key for DN expession lookup, the object selector’s contents are defined by the attribute’s DNLookup control type definition (in the directory abstraction layer). For example, if you specified the User entity as the object lookup and the manager as the attribute, the object selector would allow the user to search on the First Name and Last Name attributes because the object selector uses the manager’s DNLookup control type definition to determine the lookup criteria. The DNLookup definition for the manager entity is shown in Figure 5-30.

Figure 5-30 Manager Attribute on User DNLookup Property Definition

The resulting object selector is shown in Figure 5-31.

Figure 5-31 Sample Object Selector

You can change the attributes that are used by the object selector by changing the Lookup attributes. To allow other attributes in the object selector:

  1. Determine if the desired attribute is defined for the entity specified as the Lookup Entity. (In this example it is Manager Lookup.)

  2. If the attribute you want is available on the lookup entity, you can just add it to the Lookup Attributes. Make sure that it has the Search and Read properties set to True; otherwise, they won’t appear in the object selector dialog box.

  3. If the attribute does not already exist for the Lookup Entity, you must do the following:

    • Add the attribute to the Lookup Entity. For example, to display another attribute in a manager lookup like the one above, add the attribute to the Manager Lookup entity. For more information, see Section 3.2.3, Adding Attributes.

    • Add the attribute to the DNLookup definition.

    • Deploy the changed definitions. In this example, you’d redeploy the Manager Lookup entity (if you added a new attribute to its definition) and the User entity because you changed the definition of the manager attribute.

    • Refresh the application server’s DirectoryAbstractionLayerDefinitions cache.