Configure a User Directory for ICAS
Authentication of the user depends on finding a match between one of the claims presented to ICAS and a user attribute in the user database. During token disassembly, the specified claim value is used as a lookup value in the user directory. Therefore, the user directory must be configured so that the LDAP lookup string or SQL query scheme specifies the user attribute that corresponds to the specified claim. The following examples show how to configure an LDAP lookup string and SQL query scheme for an email address.
LDAP User DN Lookup group box
(mail=
)
SQL Queries group box
SELECT EmailAddress, 'User' FROM SmUser WHERE EmailAddress = '%s' UNION SELECT Name, 'Group' FROM SmGroup WHERE Name = '%s'
SELECT EmailAddress FROM SmUser WHERE EmailAddress = '%s' AND Password = '%s'
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |