Default language.

Configuring AREA LDAP group search

You can map LDAP groups to  groups and ignore excess LDAP groups.

Best practice
We recommend that you use the AR System Management Console to configure AREA LDAP group search. For more information, see Setting global and local level configurations using AR System Management Console.

To map LDAP groups to  groups

The AR System Administration: Server Information form shows the local level value of the configuration. If a local value does not exist, the form displays the global level configuration. If you modify the value on this form, the local level configuration value is modified. For example, if a configuration shows a global level value and you modify the value by using this form, the local level value gets created for the configuration.

  1. Open the AR System Administration: Server Information form, and click the EA tab.

  2. Click in the Group Mapping table to add a row, and enter the names of the LDAP and  groups to map. Enter only one group name in each column.

    You can map many LDAP groups to a single  group. If you map a single LDAP group to many  groups,  uses only the first mapping.
    EA_tab.png

  3. Click Apply and OK.

To ignore excess groups

For maximum benefit, when mapping LDAP groups to  groups, ignore excess LDAP groups as described in this procedure. This ensures that  authenticates a user when any single LDAP group to which the user belongs matches a  group.

  1. Open the AR System Administration: Server Information form, and click the EA tab.
  2. In the Group Mapping box, select the Ignore Excess Groups check box.
  3. Click Apply and OK.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*