search cancel

Member group and Member Organizations search filter not working as expected


Article ID: 4435


Updated On:


CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On


Prior to r12.52SP1CR5, there was a provision to specify any text to filter out the desired Member Group and Member Organizations. in Administrative UI

For e.g 

If there are following Member Groups :

<Please see attached file for image>


You could use search filter as : "Manager" to filter the DN : CN= Manager,CN=Users,DC=ad,DC=lab


However, starting with r12.52SP1CR5, this feature is removed.

Now, the only filter that works is : CN=Manager

<Please see attached file for image>


Anything else does not work:


<Please see attached file for image>


<Please see attached file for image>

<Please see attached file for image>


Policy Server : 12.52 SP1 CR5 and above.Admin UI : 12.52 Sp1 CR5 and above


This is working as per the new design. Now , the search filter is expected to be in the format CN=XXX (LDAP syntax).

The base for the search filter is picked up from the User Directory configuration (LDAP Search root)



There is no workaround/resolution for this issue.

Additional Information

An enhancement request is created to bring back this feature :


1558699767276000004435_sktwi1f5rjvs16osu.png get_app
1558699765548000004435_sktwi1f5rjvs16ost.png get_app
1558699763648000004435_sktwi1f5rjvs16oss.png get_app
1558699761787000004435_sktwi1f5rjvs16osr.png get_app
1558699759831000004435_sktwi1f5rjvs16osq.png get_app