In order to configure a directory mapping, the user directory connections for both the authentication and authorization directories must be configured in the Policy Server User Interface. For information on configuring a user directory connection, see one of the following:
The following table describes supported types of directory mapping, and the method that can be used to map the authentication directory to the authorization directory.
| Authentication Directory | Authorization Directory: LDAP | Authorization Directory: Relational Database | Authorization Directory: WinNT |
|---|---|---|---|
| LDAP | Identical DN | Universal ID | N/A |
| AD | Identical DN | Universal ID | N/A |
| Relational Database | Universal ID | Identical DN | N/A |
| WinNT | Universal ID | Universal ID | Identical DN |
To configure a directory mapping
The Directory Mappings dialog opens.
The Add Directory Mapping dialog opens.
Identical DN: Maps the user’s distinguished name (DN) exactly from the authentication directory to the authorization directory. For example, if a user is located in an LDAP authentication directory and has a DN of uid=jsmith, ou=people, o=security.com, the exact string is used to locate the user in the authorization directory. Therefore, the authorization directory must contain the DN: uid=jsmith, ou=people, o=security.com.
Universal ID: Matches the value of the Universal ID attribute from the authentication directory with the value of the Universal ID field from the authorization directory to identify the user.
The Policy Server saves your changes and closes the Add Directory Mapping dialog. The new directory mapping appears in the Directory Mapping dialog.
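The following is an added example, not part of the CA documentation: a pre-deployment audit that checks, over constructed directory exports, whether each authentication-directory user resolves to exactly one authorization-directory user under Identical DN or Universal ID mapping. The record layout, the `uid_attr` field name, and the treatment of multiple matches as a failure are assumptions of this sketch, not documented Policy Server behavior.

```python
from collections import defaultdict

# Constructed sample exports. "uid_attr" stands in for whichever attribute
# each directory connection designates as its Universal ID (assumption).
AUTHN_USERS = [
    {"dn": "uid=jsmith, ou=people, o=security.com", "uid_attr": "jsmith"},
    {"dn": "uid=mlee, ou=people, o=security.com", "uid_attr": "mlee"},
    {"dn": "uid=kwong, ou=people, o=security.com", "uid_attr": "kwong"},
    {"dn": "uid=tdoe, ou=people, o=security.com", "uid_attr": ""},
]
AUTHZ_USERS = [
    {"dn": "uid=jsmith, ou=people, o=security.com", "uid_attr": "jsmith"},
    {"dn": "uid=mlee, ou=contractors, o=security.com", "uid_attr": "mlee"},
    {"dn": "uid=kwong, ou=people, o=security.com", "uid_attr": "kwong"},
    {"dn": "uid=kwong2, ou=people, o=security.com", "uid_attr": "kwong"},
]

def audit_mapping(authn_users, authz_users, method):
    """Classify each authentication-directory user as mapped, unmapped or ambiguous."""
    # Identical DN compares the DN string; Universal ID compares the ID value.
    key = {"identical_dn": "dn", "universal_id": "uid_attr"}[method]
    index = defaultdict(list)
    for entry in authz_users:
        if entry[key]:  # an empty value can never identify a user
            index[entry[key]].append(entry["dn"])
    report = {"mapped": {}, "unmapped": [], "ambiguous": []}
    for user in authn_users:
        hits = index.get(user[key], []) if user[key] else []
        if len(hits) == 1:
            report["mapped"][user["dn"]] = hits[0]
        elif not hits:
            report["unmapped"].append(user["dn"])
        else:
            # More than one candidate: this sketch flags it rather than
            # picking one, so a shared ID cannot borrow another user's rights.
            report["ambiguous"].append(user["dn"])
    return report

if __name__ == "__main__":
    for method in ("identical_dn", "universal_id"):
        print(method, audit_mapping(AUTHN_USERS, AUTHZ_USERS, method))
```

Users reported as unmapped or ambiguous are the ones to fix in the directories before the mapping is put into use.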
Copyright © 2011 CA. All rights reserved.