Policy Server Guides › Policy Server Configuration Guide › Policies › Add Users by Manual Entry

Add Users by Manual Entry

In addition to using the Available Members list in the Policy Users/Groups Dialog to specify the users and groups to include in a policy, you can specify a user or search string in the Manual Entry group box.

To add a user or group by manual entry

1. Click the Policies tab, and then click Domains, Modify Policy.

   The search window appears.

2. (Optional) Fill out the search form to narrow your search criteria.
3. Click Search.

   A list of policies appears.

4. Click the option button on the left of the policy you want, and then click Select.

   The Modify Policy: Name pane appears.

5. Click the Users tab.

   The user directories associated with the domain appear in the User Directories group box.

6. In the Policy Users/Groups Dialog, do one of the following:
   • For Active Directory user directories, specify the following settings:

     Manual Entry Field

     Specifies a search filter for the Active Directory user directory.

     Validate Entry Check Box

     Specifies whether the search filter is validated before the entry is added to the Active Directory user directory.

     Note: If validation of the Active Directory search filter fails, clear this check box.

     Default: Selected

   • For LDAP directories, select one of the following search types from the Where to Search drop-down list:

     Validate DN

     Locates the DN in the directory.

     Search Users

     Limits search to matches in user entries.

     Search Groups

     Limits search to matches in group entries.

     Search Organizations

     Limits search to matches in organization entries.

     Search Any Entry

     Limits searches to matches in user, group, and organization entries.

   • For Microsoft SQL Server, Oracle, and WinNT directories, type a user name in the Manual Entry field.

     Note: For Microsoft SQL Server and Oracle, you can type a SQL query in the Manual Entry field instead of a user name.

     Example: SELECT NAME FROM EMPLOYEE WHERE JOB =’MGR’;

   The Policy Server executes the query as the database user specified in the Username field of the Credentials and Connection tab for the user directory. Before constructing the SQL statement for the Manual Entry field, become familiar with the database schema for the user directory. For example, if you are using the SmSampleUsers schema and want to add specific users, you could select from the SmUser table.

   Note: For an LDAP directory, you can enter "all" in the Manual Entry field to bind the policy to the entire LDAP directory.

7. Click Add to Current Members.

   The Administrative UI adds the user or query to the Current Members list.

8. Click OK to save your changes and return to the Modify Policy: Name pane.