AnsweredAssumed Answered

Narrow Identitiy Source Scope for LDAP

Question asked by Terrence Prime on Oct 22, 2018
Latest reply on Oct 22, 2018 by Edward Davis

Like • Show 0 Likes0
Comment • 4

How do you narrow the scope for the Identity source so that it looks at the members of a specific group in your Active Directory instead of all the Users listed in your organization?

I am running RSA Authentication Manager 8.1.

Thanks

Terrence

Edward Davis

Oct 22, 2018 3:06 PM

Correct Answer

You can edit the user search filter for the external identity source MAP page,

and define memberOf as part of the logic in the search filter.

NOTE: You'll need to provide the full DN of the group to use memberOf.

See the reply in context

No one else had this question

Outcomes

4 Replies

Edward Davis Oct 22, 2018 3:06 PM
Unmark Correct
Correct Answer
You can edit the user search filter for the external identity source MAP page,
and define memberOf as part of the logic in the search filter.

NOTE: You'll need to provide the full DN of the group to use memberOf.
1 person found this helpful
Like • Show 1 Like1
Actions
- Terrence Prime @ Edward Davis on Oct 22, 2018 4:15 PM
  Mark Correct
  Correct Answer
  Hi Edward,
  
  Thanks for that info. Would you happen to have an example of what that should look like on the MAP tab?
  
  Thanks
  Terrence
  
  <http://www.rtt-law.com/>
  
  Terrence Prime
  System Administrator
  
  Direct 803.744.1875
  Fax 803.343.7017
  
  Rogers Townsend & Thomas, PC
  1221 Main Street 14th Floor
  Columbia, SC 29201
  
  Main 803.771.7900
  Visit rtt-law.com<http://www.rtt-law.com/>
  Like • Show 0 Likes0
  Actions
  - Edward Davis @ Terrence Prime on Oct 22, 2018 4:51 PM
    Mark Correct
    Correct Answer
    This is by no means 'the way to do it' merely an example. You can use any common legal ldap filter syntax.
    
    CN=administrators,CN=Builtin,DC=MyDomain,DC=com
    
    ... my filter could be:
    (objectClass=User)&(memberOf=CN=administrators,CN=builtin,DC=farmco,dc=local)
    
    Here is a page showing a lot of options usable with Active Directory
    
    https://social.technet.microsoft.com/wiki/contents/articles/5392.active-directory-ldap-syntax-filters.aspx
    1 person found this helpful
    Like • Show 0 Likes0
    Actions
- Terrence Prime @ Edward Davis on Oct 22, 2018 4:39 PM
  Mark Correct
  Correct Answer
  Hi Edward,
  
  Nevermind. I was able to figure it out by using the link below. Thanks for pointing me in the right direction, though. You triggered the right questions for me to ask which allowed me to find the link below.
  
  Much appreciated.
  
  https://community.rsa.com/docs/DOC-45897
  
  Thanks
  Terrence
  
  <http://www.rtt-law.com/>
  
  Terrence Prime
  System Administrator
  
  Direct 803.744.1875
  Fax 803.343.7017
  
  Rogers Townsend & Thomas, PC
  1221 Main Street 14th Floor
  Columbia, SC 29201
  
  Main 803.771.7900
  Visit rtt-law.com<http://www.rtt-law.com/>
  Like • Show 0 Likes0
  Actions

Narrow Identitiy Source Scope for LDAP

Outcomes

Related Content

Recommended Content