Previous Topic: Account Suspension and UnlockingNext Topic: Troubleshooting

Connector GuidesConnectors GuideConnecting to EndpointsCA DLP ConnectorConnector Specific FeaturesAccount ManagementGroups and Hierarchies

Groups and Hierarchies

CA DLP maintains a user hierarchy. Groups can also contain users. The user hierarchy is built up dynamically as users are provisioned to CA DLP. Groups that contain users and other groups are typically built from the attributes belonging to users provisioned to CA DLP.

The CA DLP Connector does not display the CA DLP group hierarchy. However, you can use the CA DLP Connector to provision a user into a group or groups on the CA DLP endpoint.

The account template associated with a CA DLP endpoint lets you define a rule string that specifies the group hierarchy and the groups you want to provision the user to. The rule string is defined in the Groups field.

When you provision a user with the CA DLP Connector, CA DLP dynamically creates the groups and the group hierarchy based on the rule strings specified in the Group field on the CA IdentityMinder account template.

For example, specifying the following rule string %COUNTRY%/%UC%/%UB%/%UL% in the Group field groups users by country, city, building, and location on the CA DLP endpoint.