Issue:
Customer would like to add multiple groups from Active Directory as roles in Ephesoft.
Solution:
When you set up the dcma-user-connectivity.properties file, you have the ability to add multiple groups in the roles used for restricting Batch Classes in Ephesoft.
In the dcma-user-connectivity.properties file, this is controlled in the ‘user.msactivedirectory_group_search_filter=’ option. The following is an example of a value for this option which allows all Active Directory groups that start with ‘Ephe’ such as groups EphesoftAdmins, EphesoftUsers, EpheOperator, etc… It also includes all groups that start with ‘Operator’.
[blockquote float=”left”]user.msactivedirectory_group_search_filter=(|(cn=Ephesoft*)(|(cn=Operator*)))[/blockquote]
This field uses the following switches:
[blockquote float=”left”]# filter can have |(OR), &(AND) and !(NOT)
# | (|(cn=a*))
# & (&(cn=a*))
# ! (!(cn=a*))[/blockquote]
When creating a group search filter, a few things are required:
- Include the switch option for or ‘|’ in front of all groups which you would like included.
- Place each option in parenthesis and include the whole list in a set of parenthesis.
- It is best not to include spaces in the list of options.