SSO provides the Name Expression to perform many different operations, they can be used in Attribute mapping, responses ….

Attribute Mapping Types

Alias - Specifies an attribute mapping of type alias.

Group - Specifies an attribute mapping of type group name.

Mask - Specifies an attribute mapping of type mask.

Constant - Specifies an attribute mapping of type constant.

Expression - Specifies an attribute mapping of type expression.

Online docs

https://docops.ca.com/ca-single-sign-on/12-7/en/configuring/policy-server-configuration/user-directories/user-attribute-mapping 

Requirement which requires to trim a group name using attribute mapping in User Directory 

Two group names, 2 different userstores (Dir A, Dir B)

 Dir A – groups name cn=SupportUser

Dir B – group name cn=Group-SupportUser

Create 2 mapping 1 for each directory object

Looking to trim Group- from Dir B and map to Dir A

IsGroupMember is the common name (cn) that is mapped to the underlying directory schema:

   IsGroupMember is mapped to CN= SupportUser,OU=groups,DC=ssosites,DC=com in Directory A.

   IsGroupMember is mapped to Group-SupportUser,ou=groups,o=acme.com in Directory B.

The idea behind Name expression may also be relevant here.  For the expression below if my group name in user store “cn= SupportUser, OU=groups,DC=ssosites,DC=com

Named Expression that will set #group expression to value after Support-

Name: #GROUP1

expression: AFTER(cn,'Group-',TRUE)

If the groups name is cn=Group-SupportUsers,a  the value of the Name Expression becomes  #group = SupportUser

Using this technique you have trimmed Group- from the returned name value pair, this Name Expression can be called later