Issue:

Customer would like to add multiple groups from Active Directory as roles in Ephesoft.

 

Solution:

When you set up the dcma-user-connectivity.properties file, you have the ability to add multiple groups in the roles used for restricting Batch Classes in Ephesoft.

 

In the dcma-user-connectivity.properties file, this is controlled in the ‘user.msactivedirectory_group_search_filter=’ option. The following is an example of a value for this option which allows all Active Directory groups that start with ‘Ephe’ such as groups EphesoftAdmins, EphesoftUsers, EpheOperator, etc… It also includes all groups that start with ‘Operator’.

user.msactivedirectory_group_search_filter=(|(cn=Ephesoft*)(|(cn=Operator*)))

 

 

This field uses the following switches:

# filter can have |(OR), &(AND) and !(NOT)
# | (|(cn=a*))
# & (&(cn=a*))
# ! (!(cn=a*))

 

 

 

 

 

When creating a group search filter, a few things are required:

  1. Include the switch option for or ‘|’ in front of all groups which you would like included.
  2. Place each option in parenthesis and include the whole list in a set of parenthesis.
  3. It is best not to include spaces in the list of options.




Was this article helpful to you?

J.D. Abbey

Comments are closed.