000033275 - How to use SearchFilterForAccounts when configuring an RSA Via Lifecycle & Governance Authentication Source

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000033275
Applies ToRSA Product Set: RSA Via Lifecycle and Governance (RSA Via L&G)
RSA Version/Condition:  7.0 and lower
IssueAuthentication Source configuration (i. e., Authentication type=Account Collector) provides the ability to specify an account filter field, such as SearchFilterForAccounts, to limit who can log in but does not document how to create a valid filter.
Go to Admin > System > Authentication tab > Create Authentication Source.
User-added image

 
User-added image

 
ResolutionThe filter needs to contain a %v placeholder for the account name. For example, a valid SearchFilterForAccounts might look like:
 
(&(sAMAccountName=%v)(objectclass=user)(memberof=CN=users,ou=marketing,dc=yourcompany,dc=com))

User-added image
NotesHelp information on how to specify a SearchFilterForAccounts filter will be included in a future release.

Attachments

    Outcomes