The [whitelist source=ldap_server_group] section allows whitelisting users based on LDAP Server group membership. To enable this whitelist, configure one of the use cases below.
NOTE: The user names and groups are compared in LDAP in a case-insensitive manner.
[whitelist source=ldap_server_group] allow=<no_user-or-all_users> except=<group-1>,<group-2>
Type: | string (all_users | no_users) |
Required: | no |
Default: | N/A |
Description: This parameter defines whether to allow all users or no user to connect without providing
Type: | string |
Required: | no |
Default: | N/A |
Description: This parameter defines those specific LDAP/AD group(s) that are exempt from the rule defined by the allow parameter.
To allow members of specific LDAP/AD group(s) to connect without providing
[whitelist source=ldap_server_group] allow=<no_user> except=<group-1>,<group-2>
You must configure the name of the LDAP Server policy in the [ldap_server] section.
To enforce
[whitelist source=ldap_server_group] allow=<all_users> except=<group-1>,<group-2>
You must configure the name of the LDAP Server policy in the [ldap_server] section.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. 使用条款 隐私 Cookie Preference Center