LDAP User Role Filter explained

Version 2

    From Michael Zimmerman...

    The LDAP User Role Filter is matching against the group name, not the individual user accounts within the group(s). So for example below…

    A group called “Grp1” exists in AD, and the user “GRP1 Admin” is a member of the “Grp1” group. The search base is the OU named “MZIM”…


    Create an LDAP User Role Filter to look for the “Grp1” group from AD (should be able to use “starts with” or “matches” as the operator).


    Any user that is a member of that “Grp1” group should get pulled into UCSD as a “Group Admin” (in my case I chose Group Admin Role), because that group matches the LDAP User Role Filter. Any other user(s) in other groups in the OU will by default get imported as “Service End-Users” into UCSD.

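The matching behaviour described above, as an added example that is not part of the original post and is not UCSD code: a small Python model that previews which accounts a group-name role filter would elevate before the filter is saved. The group data is constructed, and the case-insensitive comparison and the handling of users in several groups are assumptions.

```python
DEFAULT_ROLE = "Service End-User"  # role the post says unmatched users receive

# Constructed sample data: groups under the search base OU and their members.
SAMPLE_GROUPS = {
    "Grp1": ["GRP1 Admin"],
    "Grp10-Contractors": ["temp.user"],
    "Finance": ["Grp1 helper"],  # user name resembles the filter value
}


def group_matches(group_name, operator, value):
    """Test the filter value against a group name, never against a user name."""
    # Assumption: the comparison is case-insensitive.
    name, wanted = group_name.casefold(), value.casefold()
    if operator == "matches":
        return name == wanted
    if operator == "starts with":
        return name.startswith(wanted)
    raise ValueError(f"unsupported operator: {operator!r}")


def preview_roles(groups, role_filters):
    """Return {user: (role, matching_group_or_None)} for every group member.

    role_filters is a list of (operator, value, role); the first filter that
    matches a group wins. Assumption: a user in several groups keeps the
    mapped role if any one of those groups matches.
    """
    roles = {}
    for group, members in groups.items():
        mapped = next((role for op, value, role in role_filters
                       if group_matches(group, op, value)), None)
        for user in members:
            if mapped is not None:
                roles[user] = (mapped, group)
            else:
                roles.setdefault(user, (DEFAULT_ROLE, None))
    return roles


def elevated_users(groups, role_filters):
    """Users who would receive anything other than the default role."""
    preview = preview_roles(groups, role_filters)
    return sorted(u for u, (role, _) in preview.items() if role != DEFAULT_ROLE)


if __name__ == "__main__":
    for op in ("matches", "starts with"):
        print(op, "->", elevated_users(SAMPLE_GROUPS, [(op, "Grp1", "Group Admin")]))
```

With the constructed data, “starts with” also elevates the member of “Grp10-Contractors”, so “matches” is the tighter choice when only one group should map to the role.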