General Settings

Label

Mandatory

Description

User Root DN

Yes

Distinguished name (DN) of the start base, when searching for objects in the user storage.

A DN is a sequence of entries, each an attribute type with a value, such as "cn" for common name or "mail" for e-mail address.

Example: ou=groups,dc=thesecurecompany,dc=com

When Using Microsoft Active Directory for User Storage

Label

Mandatory

Description

Object Category

Yes

Object Category users belong to.

Object categories allow you to control which attributes are required and allowed in a DN entry.

Set to group by default.

Attribute Name

Yes

Unique user attribute.

Set to samaccountname by default.

Member Attribute Name

Yes

Unique member LDAP attribute.

Set to member by default.

Additional Filter

 

Filter used on the user group search rule to specify what users to find.

For example, this filter can be used to specify that only users belonging to certain user groups are accepted when creating user accounts. In this case, the filter can be written in the following way:

(memberOf=CN=Domain Admins,CN=Users,DC=Test,DC=exchange,DC=com)

As another example, the additional filter can specify that only users from the domain test.exchange1.com or test.exchange2.com are accepted. In this case, the filter can be written in the following way:

(|(userPrincipalName=%uid%@Test.exchange1.com)(userPrincipalName=%uid%@Test.exchange2.com))

The variable %uid% will be replaced by the user ID registered in user storage.

Search Scope

 

Defines the search scope used when searching for objects in the selected user storage location.

Available options are:

Object Level: The scope is base.

One Level: The scope is only the objects located directly below base (base not included).

Sub-tree Level: The scope is all objects located below base (base not included).

Set to Sub-tree Level by default.

When Using Other Directory Service for User Storage

Label

Mandatory

Description

Object Class Name

Yes

Object Class users belong to.  

Object classes allow you to control which attributes are required and allowed in a DN entry.

Set to groupOfNames by default.

Attribute Name

Yes

Unique user attribute.

Set to cn by default.

Member Attribute Name

Yes

Unique member LDAP attribute.

Set to member by default.

Additional Filter

 

Filter used on the user search rule to specify what users to find.

For example, this filter can be used to specify that only users belonging to certain user groups are accepted when creating user accounts. In this case, the filter can be written in the following way:

(memberOf=CN=Domain Admins,CN=Users,DC=Test,DC=exchange,DC=com)

As another example, the additional filter can specify that only users from the domain test.exchange1.com or test.exchange2.com are accepted. In this case, the filter can be written in the following way:

(|(userPrincipalName=%uid%@Test.exchange1.com)(userPrincipalName=%uid%@Test.exchange2.com))

The variable %uid% will be replaced by the user ID registered in user storage.

Search Scope

 

Defines the search scope used when searching for objects in the selected user storage location.

Available options are:

Object Level: The scope is base.

One Level: The scope is only the objects located directly below base (base not included).

Sub-tree Level: The scope is all objects located below base (base not included).

Set to Sub-tree Level by default.
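
The %uid% substitution described under Additional Filter (for both Microsoft Active Directory and other directory services), as an added example that is not the product's own code: it expands the page's filter template and checks that the user ID cannot change the number of filter clauses. How the product itself escapes the substituted value is not stated on this page; the RFC 4515 escaping, the function names and the sample user IDs are assumptions of this example.

```python
# Added example, not product code. Function names are hypothetical.
# RFC 4515 section 3: characters that must be written as \XX in a filter value.
ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Additional Filter template taken from this page.
TEMPLATE = ("(|(userPrincipalName=%uid%@Test.exchange1.com)"
            "(userPrincipalName=%uid%@Test.exchange2.com))")


def escape_filter_value(value: str) -> str:
    """Escape a string so it is read as data inside an LDAP filter."""
    return "".join(ESCAPES.get(ch, ch) for ch in value)


def expand_filter(template: str, uid: str) -> str:
    """Replace every %uid% in the template with the escaped user ID."""
    return template.replace("%uid%", escape_filter_value(uid))


def clause_count(ldap_filter: str) -> int:
    """Count parenthesised clauses; raise ValueError if they do not nest."""
    depth = clauses = 0
    for ch in ldap_filter:
        if ch == "(":
            depth += 1
            clauses += 1
        elif ch == ")":
            depth -= 1
            if depth < 0:
                raise ValueError("unbalanced filter")
    if depth != 0:
        raise ValueError("unbalanced filter")
    return clauses


if __name__ == "__main__":
    # Constructed user IDs: one ordinary, one containing filter metacharacters.
    for uid in ("alice", "j.doe(*)"):
        expanded = expand_filter(TEMPLATE, uid)
        raw = TEMPLATE.replace("%uid%", uid)  # substitution without escaping
        print(uid, "->", expanded)
        print("  clauses escaped:", clause_count(expanded),
              "unescaped:", clause_count(raw))
```

When reviewing an Additional Filter, the clause count of the expanded filter should equal that of the template for every user ID the user storage can hold.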