Prior to r12.52SP1CR5, there was a provision to specify any text to filter out the desired Member Group and Member Organizations. in Administrative UI
If there are following Member Groups :
You could use search filter as : "Manager" to filter the DN : CN= Manager,CN=Users,DC=ad,DC=lab
However, starting with r12.52SP1CR5, this feature is removed.
Now, the only filter that works is : CN=Manager
Anything else does not work:
This is working as per the new design. Now , the search filter is expected to be in the format CN=XXX (LDAP syntax).
The base for the search filter is picked up from the User Directory configuration (LDAP Search root)
Policy Server : 12.52 SP1 CR5 and above.Admin UI : 12.52 Sp1 CR5 and above
There is no workaround/resolution for this issue.
An enhancement request is created to bring back this feature :