Knowledge Base

Support Policies

Restricting LDAP Searches by Group

SecureAuth IdP Version affected: All

 

Description:

This article shows how to restrict LDAP searches by group. This is helpful for customers who would like to restrict their helpdesk staff to only search within a specific group in a helpdesk realm.

 

Steps:

1. On the SecureAuth Server, open up the Admin Console.
2. Go to the Data tab for the realm, and go to the "searchFilter" textbox.

3. To search for sAMAccountName in a specific group, use the following search filter:

(&(sAMAccountName=%v)(objectclass=*)(memberOf=CN=Testgroup1,CN=Users,DC=TestDomain,DC=local))

  • This example shows a search for the sAMAccountName within the Testgroup1 group on the TestDomain.local DC. You will need to provide the full Distinguished Name for this to work.

4. Remember to click "Save"!

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.