Article Content
Article Number | 000035785 |
Applies To | RSA Product Type: SecurID Access |
Issue | When attempting to synchronize nested Active Directory Identity Source group members by specifying a User Search Filter that defines the parent group the nested users are not synchronized. For example, say the search filter is:
and ParentGroup contains a nested group. The users in the nested group will not be synchronized. |
Resolution | Microsoft-specific filter syntax can be used to synchronize the members of ParentGroup and any nested group members. Precede the =CN=ParentGroup with the Microsoft LDAP-specific syntax :1.2.840.113556.1.4.1941: as shown in below user search filter example:
|
Notes | Reference Active Directory: LDAP Syntax Filters. |