Filters are used to synchronize a specific segment of a user base in a directory server or file source to groups.
Adding, Editing and Deleting a User Information Source Filter
- Click Administration on the left menu.
- Click Users, Roles, and Groups in the Administration area.
- Click User Information Sources in the Users, Roles, and Groups area.
- Click on the user source name where the filter is/will be located.
- Choose from the following options:
If You Want To
|
Then
|
Add a User Information Source Filter
|
- Click Add Filter on the left menu.
- Go to the next step.
|
Edit a User Information Source Filter
|
NOTE: A user source filter cannot be edited if it is synchronizing.
- Click on the filter name you want to edit.
- Click Edit Properties.
- Go to the next step.
|
Delete a User Information Source Filter
|
NOTE: A user source filter cannot be deleted if it is synchronizing.
- Click on the filter name you want to delete.
- Click Delete Filter on the left menu.
- Click OK.
NOTE: Members of the deleted filter will be removed from the groups to which the filter was assigned. If members are not assigned to another group within the application, the accounts will be deleted.
|
- Complete/edit the following fields:
Field
|
Description
|
Name
|
Enter a name for the filter.
|
Description
|
Enter a description for the filter.
|
Directory Server Base DN
|
NOTE: This option is not available if your user information source is created from a file.
Enter the Directory Server Base DN.
Example: OU=authors, DC=acme, DC=com
|
Filter String
|
For a directory server, enter an LDAP query. Example: (&(objectClass=user)(memberOf=CN=HumanResourses,OU=Groups,,OU=authors,DC=acme,DC=com))
For a file user source, enter the XPath query to the user. Example: /users/user[@group='HR']
|
- Click OK.
NOTE:
|
If a filter is not assigned to a group, users in the filter will not be added into the application unless they are a member of another filter.
|
Synchronizing a User Information Source Filter
NOTE:
|
Administrators can synchronize accounts at a filter, directory server/file source, or server level. Synchronizing from the user source page will synchronize all filters associated to that user source. Synchronizing from the filter page will only synchronize that filter. Synchronizing from the Groups page will synchronize all user sources and filters. Before synchronizing, the filter needs to be assigned to a group. For more information, refer to Creating and Updating Groups.
|
NOTE:
|
If you are using Security Assertion Markup Language (SAML) authentication, user synchronization is not required and this section can be skipped.
|
- Click Administration on the left menu.
- Click Users, Roles, and Groups in the Administration area.
- Click User Information Sources in the Users, Roles, and Groups area.
- Click on the user source name containing the filters to synchronize.
- Choose from the following options:
If You Want To
|
Then
|
Synchronize all filters associated with the user information source
|
Go to the next step.
|
Synchronize a single filter to add/update a specific group
|
- Click on the filter name you want to synchronize.
- Go to the next step.
|
- Click Synchronize on the left menu.
- Click OK.