Is it possible to role map based on an OU rather than a group membership? If so, is there documentation somewhere? I'm trying to use "user attribute" "ou" and then the name of the OU by itself and with the full path, including domain name. Neither seems to work. Please help. Thanks!
Yes it is.
You need to set up an LDAP server for authentication (I am using an AD server).
Then use a custom expression to map the role like: userDN.ou = 'Users-LAB' - where 'Users-LAB' is the OU the user is in.
You can use a custom expression as follows:
userDN.ou = 'OUname'
Note: single quotes in the above example are mandatory.
This has worked for me.
< Please mark this post as 'accepted solution' if this answers your question; that way it might help others as well. A kudo would be a bonus :) Thanks >
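Added example, not from the thread or from the vendor: the OU is a component of the user's distinguished name rather than a group membership, so this Python sketch lists the OU values present in a DN, which helps confirm the exact name to put in a userDN.ou expression. The sample DN and the function names are constructed for illustration; how the appliance treats nested OUs is not stated in the thread.

```python
import re

def split_rdns(dn):
    """Split a DN on unescaped commas, keeping backslash escapes intact."""
    parts, buf, i = [], [], 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            buf.append(dn[i:i + 2])      # escaped character, never a separator
            i += 2
            continue
        if dn[i] == ",":
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(dn[i])
        i += 1
    parts.append("".join(buf))
    return [p.lstrip() for p in parts if p.strip()]

def unescape(value):
    """Decode RFC 4514 escapes: backslash + hex pair, or backslash + character."""
    out, i = bytearray(), 0
    while i < len(value):
        if value[i] == "\\" and i + 1 < len(value):
            pair = value[i + 1:i + 3]
            if re.fullmatch(r"[0-9A-Fa-f]{2}", pair):
                out.append(int(pair, 16))
                i += 3
            else:
                out += value[i + 1].encode("utf-8")
                i += 2
        else:
            out += value[i].encode("utf-8")
            i += 1
    return out.decode("utf-8")

def ou_components(dn):
    """Return the OU values in a DN, innermost first (multi-valued RDNs not handled)."""
    ous = []
    for rdn in split_rdns(dn):
        attr, _, value = rdn.partition("=")
        if attr.strip().lower() == "ou":   # attribute types are case-insensitive
            ous.append(unescape(value))
    return ous

# Constructed sample DN (not taken from the thread's environment).
SAMPLE_DN = r"CN=Doe\, Jane,OU=Users-LAB,OU=Staff,DC=example,DC=com"

if __name__ == "__main__":
    print(ou_components(SAMPLE_DN))
    # The default AD "Users" container is CN=Users, so it yields no OU at all.
    print(ou_components("CN=jdoe,CN=Users,DC=example,DC=com"))
```

An account that lives in the default AD Users container has no OU component in its DN, so there is no OU value to match for it.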