Hi experts
we're trying to assign vlan based on OU rather than group membership. Like if computer is in one of these OUs - assign VLAN 100
if not - go with VLAN 50
it's okay using this with groups, but OUs - needing a new attribute added?
You can use UserDN ENDS_WITH in your AD/LDAP authorization source.
Hi Tim, can you explain that a bit more perhaps with a screen shot of a rule? "UserDN ENDS_WITH" then what? I saw userDN as an authorization attrubute, but couldnt seem to get anything to act on it since it appears to not be sending anyhtingAuthorization:BPS_LDAP:UserDNWhat I'd like to act on is the top level OU (in this case BPS Computers) as a catch all for domain machines. ie Authorization:BPS_LDAP:memberOf EQUALS BPS ComputersBut I'm not sure if I have to add that to the attribute filter set in the Auth sources?
© Copyright 2024 Hewlett Packard Enterprise Development LPAll Rights Reserved.