cancel
Showing results for 
Search instead for 
Did you mean: 

Is it possible to role map based on OU?

SOLVED
mmartin_
Occasional Contributor

Is it possible to role map based on OU?

Is it possible to role map based on an OU rather than a group membership? If so, is there documentation somewhere? I'm trying to use "user attribute" "ou" and then the name of the OU by itself and with the full path, including domain name. Neither seems to work. Please help. Thanks!

1 ACCEPTED SOLUTION

Accepted Solutions
craig_tweedie_
New Contributor

Re: Is it possible to role map based on OU?

Yes it is.

You need to setup an LDAP server for authentication (I am using an AD server)

Then use a custom expression to map the role like: userDN.ou = 'Users-LAB' - where 'Users-LAB' is the OU the user is in.

View solution in original post

2 REPLIES 2
craig_tweedie_
New Contributor

Re: Is it possible to role map based on OU?

Yes it is.

You need to setup an LDAP server for authentication (I am using an AD server)

Then use a custom expression to map the role like: userDN.ou = 'Users-LAB' - where 'Users-LAB' is the OU the user is in.

View solution in original post

RKB_
Frequent Contributor

Re: Is it possible to role map based on OU?

You can use a custom expression as follows:

userDN.ou = 'OUname'

Note: single quotes in the above example are mandatory.

This has worked for me.

< please mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus J thanks >