ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Member of scoping work does not work with groups

book

Article ID: 112393

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

A scoping rule with the %MEMBER_OF% attribute which contains groups names is not working and the scope does not apply
 

Cause

The cause is the usage of the group name instead of the DN.
The %MEMBER_OF% attribute is a multivalued attribute and the value of the group needs to be entered as a full DN.

Environment

Identity Portal 14.1
 

Resolution

Instead of using the group name, the DN of the group should be used, as it is listed in the memberOf attribute.