Previous Topic: User Classes

Next Topic: Define a User Class

User Class Use Case

This use case represents a basic scenario in which two LDAP user directories identify membership in the Administrator group using different underlying schema.

The following illustration details how the user class @Admin can be calculated for users in different user directories through user attribute mapping. User attribute mapping lets you map one common name to different user attribute names in different user directories.

User class example

  1. Two user directories identify membership in the Administrator group differently. To create a common view of this information, you can create user attribute mappings:
  2. @Admin is the named expression of type user class that SiteMinder evaluates to determine if users in both directories are Administrators:
    (IsAdmin)
    
  3. Instead of entering the expression (IsAdmin) repeatedly, you can create a user class named @Admin that is defined as: (IsAdmin). Then, you can enter @Admin each time that the expression is needed.


Copyright © 2010 CA. All rights reserved. Email CA about this topic