cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Narrowing LDAP Filter Search Results in GRC AC 10.1

Former Member

on ‎04-11-2016 11:59 PM

0 Kudos

I am working on a project right now where we are linking Active Directory to GRC AC 10.1.  The connection is working, but when using the search function in the Access Request form, all the info, including computer objects/server info is being pulled along with user info.

Is there a way I can make the default filter just pull user info from Active Directory and not the all the other info?  I tried changing the filter in the LDAP Find in Directory screen (screenshot below) to "(&(objectclass=user))", but it does not save. 


Any recommendations on what needs to be done for me to have only user info pulled.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Former Member
‎04-12-2016 11:27 AM
0 Kudos

Hello Stephanie,

Please follow LDAP guide in SAP Note 1584110. In SPRO maintain the group parameter mapping for PROV and AUTH actions for the LDAP connector group. Here you can set objectclass as user by mapping 'User:OC' to 'user' or any other objectclass which suits your landscape.

Best Regards,

Zoltan

Show replies
Show replies
Former Member
‎04-12-2016 4:45 PM
0 Kudos

Hey Zoltan,

Thanks for the info.  So I made the changes as shown in the below window, but it did not change the search results.  The computer objects/server info are still being pulled along with the user info.

Former Member
‎05-03-2016 7:15 PM
0 Kudos

Hi Stephanie,

To search for users only in access request, map 'User:OC' to 'user' in group parameter mapping and assign a custom objectclass attribute to the LDAP connector, as attribute name 'OBJECTCLASS1' with attribute value '(OBJECTCATEGORY=PERSON)'. See also KBA note 2312009.

Best Regards,

Zoltan

Ask a Question