-
Titolo
Dynamic Group LDAP Query -
Descrizione
When creating a Dynamic Group, there are several options available for you to build your group membership list.
-
Risoluzione
The most powerful and customizable option available is Include by Query which allows you to build a custom LDAP query, the same way you would to query any standard LDAP service.
- On the Dynamic Group Membership Rules tab, choose Add | Include By Query
- Set the Find: dropdown to Custom Search
- Click on the Advanced tab
- Enter your custom LDAP query
Example;
If you are looking to return User objects who's Custom Attribute 11 is equal to 100 and who is a member of a certain group, you will have to create a custom search based on an LDAP query.
These queries can be constructed using LDAP syntax and you should refer to any third-party LDAP documentation.
Example of a few queries
===========================================================
The following query will return User objects with Custom Attribute 11 equal to '100'
(&(objectCategory=user)(extensionAttribute11=100))
The following query will return User objects who's a member of 'Group-001'
(&(objectCategory=user)(memberOf=CN=Group-001,OU=GroupTest,DC=CS-NL,DC=COM))
Combine the above to return User objects that meet both criteria
(&(objectCategory=user)(extensionAttribute11=100)(memberOf=CN=Group-001,OU=GroupTest,DC=CS-NL,DC=COM))
===========================================================