Hi,
I have a MacTrac service that allows end users to create their own devices. I have a web auth service that catches these created devices but I'm struggling to check if the sponsor name exists within AD.
When I use the following mapping:
(Authorization:[Guest Device Repository]:SponsorName EXISTS )
I see the AccountStatus, RemainingExpiration and SponsorName attributes to match against.
With this in mind I have created the following AD filter and added AD to my list of authorization sources.
Filter Name: Sponsor Name Check
Filter Query: (&(objectClass=user)(sAMAccountName=%{Authorization:[Guest Device Repository]:SponsorName}))
Name:memberOf, AliasName:Sponsor Name AD Group, DataType:String
When I map against the following I don't get any authorization attributes from the AD source
(Authorization:Active Directory:Sponsor Name AD Group EXISTS )
Any ideas on where I might be going wrong?
Cheers
Shaun