search cancel

securing APM with LDAP - query for multiple user groups not working

book

Article ID: 214141

calendar_today

Updated On:

Products

CA Application Performance Management (APM / Wily / Introscope)

Issue/Introduction

In the realms.xml file, I have the LDAP query for property groupMemberQuery set to the below which is filtering for two different group names but it is not picking up the 2nd filter portion cn=Para*.

(&(objectClass=group)(|(cn=Corp*)(cn=Para*))(member={0}))

Also the query is not able to get the users from nested groups even though the property disableNestedGroupSearch is set to false.

Need to be able to either filter by two different cn names or to get the users from nested groups for authentication.

Environment

Release : 10.7.0

Component : APM Agents

Resolution

Enable Global Catalog in LDAP and in APM rather than the default port of 389, use port 3268 (LDAP) or 3269 (LDAPS).

Then restart the EM.