Symantec Access Management

Tech Tip : CA Single Sign-On:: Admin UI : Member group search filter not working

By Ujwol posted 10-21-2016 01:04 AM

  

Issue

Prior to r12.52SP1CR5, there was a provision to specify any text to filter out the desired Member Group and Member Organizations. in Administrative UI

For e.g 

If there are following Member Groups :

 

You could use search filter as : "Manager" to filter the DN : CN= Manager,CN=Users,DC=ad,DC=lab

 

However, starting with r12.52SP1CR5, this feature is removed.

Now, the only filter that works is : CN=Manager

 

Anything else does not work:

 

 

Environment

  • Policy Server : 12.52 SP1 CR5 and above.
  • Admin UI : 12.52 Sp1 CR5 and above

Cause

This is working as per the new design. Now , the search filter is expected to be in the format CN=*** (LDAP syntax).

The base for the search filter is picked up from the User Directory configuration (LDAP Search root)

 

Resolution

There is no workaround/resolution for this issue.

Additional Information

An enhancement request is created to bring back this feature :

https://communities.ca.com/ideas/235733277

1 comment
0 views

Permalink