|Applies To||Microsoft Active Directory|
Microsoft Windows Server 2003
RSA ClearTrust 5.5
|Issue||How to view users in multiple OUs within RSA ClearTrust|
Trying to manage RSA ClearTrust user objects located in different organization units (OU's). Only users within a single OU are listed in RSA ClearTrust Entitlements Manager (Admin GUI).
|Cause||Using Microsoft Active Directory native tools, RSA ClearTrust users are created into a particular OU. Using the RSA ClearTrust Entitlements Manager (Admin GUI), users are created in a different OU as defined within the associated ldap.conf's .baseDN configuration parameter.|
|Resolution||Alternately, if your user location consists of only one other OU, you can refer to the RSA ClearTrust Installation and Configuration Guide and leverage aux store functionality to configure all users to be viewed within the ClearTrust Entitlements Manager (Admin GUI). Aux store functionality allows new users created within the Admin GUI to be added to the OU as set within the ldap.conf's .baseDN configuration parameters. It also allows users in other OUs created with the Microsoft Active Directory native tools to be seen in the Admin GUI.|
Change the value of the cleartrust.data.ldap.user.basedn so it points to an LDAP structure sufficient levels up in the hierarchy tree until all the desired OUs' users are contained. Note that including multiple OU's in the base DN will adversely affect performance.
|Legacy Article ID||a27577|