You can configure your Account Import operations to exempt users from policy based on LDAP or XML attributes.
Exempts unknown users from policy. If your existing CA DataMinder user hierarchy contains users or groups not present in the LDAP directory or XML data file, you can exempt them from policy.
Exempt users are users who have a CA DataMinder account on the CMS but who are exempt from policy. That is, CA DataMinder does not monitor email, web or file activity for policy-exempt users.
Note: If required, you can use this parameter in conjunction with /me parameter to exempt unknown users from policy and move them to an ‘exceptions’ group.
If you are importing user details:
(Only required when importing user details from an LDAP directory)
Specifies the LDAP attribute or value which, if present, exempts CA DataMinder user accounts from policy. You must use this parameter together with the /pe parameter.
Do not add spaces around the '=' separator.
Defining an =<attribute value> is optional. You can exempt a user by specifying just an LDAP attribute.
Note: If neither attribute nor value is present, and the user account is currently set to be policy exempt, the exempt status is removed from the user account.
Examples:
/pl extensionAttribute1
The first example exempts all users from policy who have extensionAttribute1 set. For example, your organization may use this LDAP attribute to identify a specific team of users who are not subject to CA DataMinder control.
/pl Office=London
The second example exempts all users based in the London office. For example, your CA DataMinder license may only cover employees in your US offices.
|
Copyright © 2014 CA.
All rights reserved.
|
|