SecureAuth IdP Version affected: All
Description:
This article shows how to restrict LDAP searches by group. This is helpful for customers who would like to restrict their helpdesk staff to only search within a specific group in a helpdesk realm.
Steps:
1. On the SecureAuth Server, open up the Admin Console.
2. Go to the Data tab for the realm, and go to the "searchFilter" textbox.
3. To search for sAMAccountName in a specific group, use the following search filter:
(&(sAMAccountName=%v)(objectclass=*)(memberOf=CN=Testgroup1,CN=Users,DC=TestDomain,DC=local))
- This example shows a search for the sAMAccountName within the Testgroup1 group on the TestDomain.local DC. You will need to provide the full Distinguished Name for this to work.
4. Remember to click "Save"!
Comments
Please sign in to leave a comment.