Symantec Access Management

 View Only
Expand all | Collapse all

LDAP Filter to validate an attribute against current date

  • 1.  LDAP Filter to validate an attribute against current date

    Posted Jul 24, 2020 11:45 AM
    Hi All,

    We have a requirement to validate a CA Directory attribute against the current date in SiteMinder policies.

    We did tried with the following LDAP filter, but it doesn't seem to work.

    (&(nadActivationDate>=NOW())(objectClass=nadAccount))

    Kindly suggest how can we validate the nadActivationDate attribute against the current date please.

    Regards,
    Sasidharan


  • 2.  RE: LDAP Filter to validate an attribute against current date

    Broadcom Employee
    Posted Jul 28, 2020 03:08 AM
    Hi Sasidharan

    The above filter does not work in SiteMinder because "NOW()" is not recognized in LDAP search query.

    It is required a custom authentication (Jav) to validate the current date with nadActivationDate.

    Custom Authentication sample is available in https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-identity-and-access-management/single-sign-on/12-8/programming/sdks/programming-in-java/authentication-api-and-authorization-api-in-java/custom-authentication-scheme-creation-using-java/configure-a-java-custom-authentication-scheme-instance.html
      
    In community site, you can also find sample code and guides.
    https://community.broadcom.com/communities/community-home/digestviewer/viewthread?MID=750928

    You can also engage HCL service to build a new custom authentication scheme.

    Kind regards

    B.K.