search cancel

Member of scoping work does not work with groups

book

Article ID: 112393

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

A scoping rule with the %MEMBER_OF% attribute which contains groups names is not working and the scope does not apply
 

Cause

The cause is the usage of the group name instead of the DN.
The %MEMBER_OF% attribute is a multivalued attribute and the value of the group needs to be entered as a full DN.

Environment

Identity Portal 14.1
 

Resolution

Instead of using the group name, the DN of the group should be used, as it is listed in the memberOf attribute.