Previous Topic: EnableCustomExprOnly Registry Key

Next Topic: Example 1

Enable LegacyCertMapping Registry Key

Using LDAP syntax to create search filters that contain logic operators requires you to enable the LegacyCertMapping registry key. Enabling the registry key allows legacy behavior in certificate mapping, which ensures that users are authenticated using the specified LDAP search criteria.

To enable the registry key on Windows

  1. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\
    PolicyServer, and open LegacyCertMapping.
  2. Edit the KeyType value to REG_DWORD.
  3. Edit the Values value to 1.

    Note: If a value other than 0x1 is set, or the registry value does not exist, the registry key is disabled.

  4. Save the registry key.

    LegacyCertMapping is enabled, and LDAP search filter syntax can be used with custom mapping.

To enable the registry key on UNIX

  1. Open the sm.registry file.
  2. Add the following lines to the file:
    HKEY_LOCAL_MACHINE\SOFTWARE\Netegrity\SiteMinder\CurrentVersion\
    PolicyServer=XXXXX
    LegacyCertMapping=0X1 REG_DWORD
    
  3. Save the file.

    LegacyCertMapping is enabled, and LDAP search filter syntax can be used with custom mapping.


Copyright © 2010 CA. All rights reserved. Email CA about this topic