LDAP user directories can contain groups that contain other groups. In very complex directories, a hierarchy of nested groups is one way to organize tremendous amounts of user information.
For each LDAP user directory, you can specify that the policy allow nested groups. When nested groups are allowed in an LDAP directory, each user group in the directory and all sub-groups are searched when the policy is processed. When nested groups are not allowed, each user group in the directory is searched, but no sub-groups can be searched, when the policy is processed.
To allow nested groups in a policy that contains an LDAP user directory
The User Directories pane opens and contains group boxes that correspond to the user directories associated with the policy domain.
The Modify Policy Task is submitted for processing, and nested groups are allowed for the specified LDAP user directories.
Copyright © 2012 CA.
All rights reserved.
|
|