LDAP group member import filter options
Guardium® Insights SaaS allows you to populate groups by importing members from an LDAP connection using a prefix/member format. This topic describes the filter options for this import.
When importing LDAP members into a group, you can use a static prefix append, or you can use a more advanced parameterized LDAP filter. If a specific prefix needs to be added to every member imported from LDAP, you can define this in the LDAP import configuration. Alternatively, you can specify a bind values group, which will be used with a parameterized filter to augment imported members with information contained in bind values group members. The following table describes supported parameterized filter substitution options and resulting imported member adjustments:
Bind group member | Parameterized filter | Substituted filter | Member prefix | Final member |
---|---|---|---|---|
A\B |
... cn=:1 ... |
... cn=A\B ... |
n/a | memberName |
D |
... cn=:1 ... |
... cn=D ... |
n/a | memberName |
A\B |
... cn=:1 ... dn=:2 ... |
... cn=B ... dn=A ... |
"A\" |
A\memberName |
D |
... cn=:1 ... dn=:2 ... |
... cn=D ... dn=* ... |
"%" |
%memberName |
A\B |
... cn=:2 ... |
... cn=B ... |
"%" |
%memberName |
D |
... cn=:2 ... |
... cn=D ... |
"%" |
%memberName |