Restricting LDAP Searches by Group

Follow
    Applies to:
  • Legacy SecureAuth IdP
Deployment model:
  • On Premises
  • SecureAuth IdP Version affected: All

     

    Description:

    This article shows how to restrict LDAP searches by group. This is helpful for customers who would like to restrict their helpdesk staff to only search within a specific group in a helpdesk realm.

     

    Steps:

    1. On the SecureAuth Server, open up the Admin Console.
    2. Go to the Data tab for the realm, and go to the "searchFilter" textbox.

    3. To search for sAMAccountName in a specific group, use the following search filter:

    (&(sAMAccountName=%v)(objectclass=*)(memberOf=CN=Testgroup1,CN=Users,DC=TestDomain,DC=local))

    • This example shows a search for the sAMAccountName within the Testgroup1 group on the TestDomain.local DC. You will need to provide the full Distinguished Name for this to work.

    4. Remember to click "Save"!

    0 out of 0 found this helpful

    Comments

    0 comments

    Please sign in to leave a comment.