Policy Server Guides › Policy Server Configuration Guide › User Directories › Named Expressions › Define Named Expressions › User Classes › User Class Use Case
User Class Use Case
This use case represents a basic scenario in which two LDAP user directories identify membership in the Administrator group using different underlying schema.
The following illustration details how the user class @Admin can be calculated for users in different user directories through user attribute mapping. User attribute mapping lets you map one common name to different user attribute names in different user directories.
- Two user directories identify membership in the Administrator group differently. To create a common view of this information, you can create user attribute mappings:
- IsAdmin maps to the underlying directory schema that identifies membership in the Administrator group in Directory A.
- IsAdmin maps to the underlying directory schema that identifies membership in the Administrator group in Directory B.
- @Admin is the named expression of type user class that SiteMinder evaluates to determine if users in both directories are Administrators:
(IsAdmin)
- Instead of entering the expression (IsAdmin) repeatedly, you can create a user class named @Admin that is defined as: (IsAdmin). Then, you can enter @Admin each time that the expression is needed.