Group Claims

You can also configure a claim that uses the groups to which the user belongs. Group mappings assign SharePoint permissions based on groups of users rather than individuals.

Some user directories define the groups of users by including an attribute in the record that contains the distinguished name (DN) of each group. The DN can appear as a cryptic value, such as the following example:

entryDN=cn=grp12345,ou=Groups,dc=example,dc=com 

With such claims, it is difficult to identify the name of the group associated with the value in the people picker.

The Agent for SharePoint uses two attribute mappings and the groups setting you specify in the SharePoint connection wizard to search for groups by their display name. The Agent for SharePoint retrieves both the display name and the DN of the group.

Both the display name and the DN of the group then appear in the people picker, as shown in the following example:

cn=grp12345,ou=Groups,dc=example,dc=com(Sales Managers).