Symantec Access Management

  • Private Community
 View Only
Back to discussions
Expand all | Collapse all

siteminder 12.52 sp1 cr1 federated users in WAMUI ldap search subgroup

  • 1.  siteminder 12.52 sp1 cr1 federated users in WAMUI ldap search subgroup

    Posted Jun 30, 2015 12:47 PM

    Hello,

     

      Need help trying to configure federation users in partnership. siteminder version 12.52 sp1 cr1. In legacy federation or normal webapplication policy you can check "Allow nested subgroups" checkbox to indicate search through all the subgroups of added group. How do I do this in partnership federation? There is no way to indicate subgroup?

     

    Since my userstore is Microsoft Active Directory 2012 r2 I tried following based on online search but does not help.

     

    (&(objectCategory=Person)(sAMAccountName=*)(memberOf:1.2.840.113556.1.4.1941:=CN=xxxx)).



  • 2.  Re: siteminder 12.52 sp1 cr1 federated users in WAMUI ldap search subgroup
    Best Answer

    Posted Jul 07, 2015 07:24 PM

    In Federation Partnership setup >> User Identification, under Federated Users column, you can select 'Group' from the User Class drop-down list associated with this AD user store.

     

    Then you can specify the filer e.g: (|(mail=*@.example.com)(memberOf=cn=Employees,ou=Groups,dc=example,dc=com)).

     

    Best regards,

    Kelly