Differences
This shows you the differences between two versions of the page.
Both sides previous revisionPrevious revision | Last revisionBoth sides next revision | ||
72:ldap_optional_attributes [2023/12/05 09:16] – [Optional Attributes] mmk | 72:ldap_optional_attributes [2023/12/05 09:17] – [Optional Attributes] mmk | ||
---|---|---|---|
Line 35: | Line 35: | ||
The referrals attribute can be used to configure the handling of LDAP referrals. Possible behavior and values are “follow“ or “ignore“. By default, Stages will follow referrals. | The referrals attribute can be used to configure the handling of LDAP referrals. Possible behavior and values are “follow“ or “ignore“. By default, Stages will follow referrals. | ||
- | === The ignorePartialResultExeption === | + | === The ignorePartialResultExeption |
When enabled, this attribute causes the PartialResultException to be ignored if the referrals attribute is set to " | When enabled, this attribute causes the PartialResultException to be ignored if the referrals attribute is set to " | ||
Line 50: | Line 50: | ||
|(sn=sm*)|All entries with a surname that starts with " | |(sn=sm*)|All entries with a surname that starts with " | ||
|(& | |(& | ||
- | |(& | + | |(& |
+ | <font inherit/ | ||
**NOTE**: In the | **NOTE**: In the | ||
Line 56: | Line 57: | ||
There is a special memberOf keyword available on many LDAP directory servers. In the case of Microsoft Active Directory, groups are represented via entries of object class “group“ by default. The distinguished names of the group members are set in the member attributes of the group entry. On the other hand, the distinguished name of every group a user is part of is automatically set in a | There is a special memberOf keyword available on many LDAP directory servers. In the case of Microsoft Active Directory, groups are represented via entries of object class “group“ by default. The distinguished names of the group members are set in the member attributes of the group entry. On the other hand, the distinguished name of every group a user is part of is automatically set in a | ||
- | < | + | < |
The following search filter example shows how to filter users according to a certain group membership using the memberOf attribute: | The following search filter example shows how to filter users according to a certain group membership using the memberOf attribute: | ||
- | '' | + | '' |
If the memberOf attribute is not available on your LDAP directory server, it is possible to retrieve the members of a certain group by querying the member attribute of a group entry. | If the memberOf attribute is not available on your LDAP directory server, it is possible to retrieve the members of a certain group by querying the member attribute of a group entry. | ||
The following search filter example shows how to query the users of a group without using the | The following search filter example shows how to query the users of a group without using the | ||
- | < | + | < |
- | '' | + | '' |
The filter specifies that the distinguished name of the (group) entry has to be | The filter specifies that the distinguished name of the (group) entry has to be | ||
- | < | + | < |
< | < | ||
< | < | ||
A complete example for retrieving group members without using the | A complete example for retrieving group members without using the | ||
- | < | + | < |
'' | '' | ||
- | groupMemberAttribute=" | + | groupMemberAttribute=" |
=== The ondemandFilter Attribute === | === The ondemandFilter Attribute === |