Layer 7 Access Management

Tech Tip : CA Single Sign-On : Why Policy Server does wildcard searches like userAccountControl=* ?

  • 1.  Tech Tip : CA Single Sign-On : Why Policy Server does wildcard searches like userAccountControl=* ?

    Posted 09-15-2017 03:55 AM

    Question:

     

    Why Policy Server does wildcard LDAP searches on the attributes below ?

    We run a Policy Server which uses a LDAP Active Directory User Store and we see those wildcard search filters many times :

     

    userAccountControl=*

    pwdLastSet=*

    accountExpires=*

    UUID=*

    objectclass=*

    memberOf=*

     

    Answer in KB : TEC1579924