Cisco Web Security Appliance S380 User Guide

Chapter 20      Authentication
LDAP Authentication
20-50
Cisco IronPort AsyncOS 7.0 for Web User Guide
OL-23079-01
Table 20-14 describes the user object settings.
Table 20-14    LDAP Group Authorization—User Object Settings

User Object Setting: Group Membership Attribute Within User Object
Description: Choose the attribute that lists all the groups that this user belongs to.
Choose one of the following values:
  • memberOf. Unique identifiers in the LDAP directory that specify user members.
  • custom. A custom identifier such as UserInGroup.

User Object Setting: Group Membership Attribute is a DN
Description: Specify whether the group membership attribute is a distinguished name (DN) which refers to an LDAP object. For Active Directory servers, enable this option.
When this is enabled, you must configure the subsequent settings.

User Object Setting: Attribute that Contains the Group Name
Description: When the group membership attribute is a DN, this specifies the attribute that can be used as the group name in policy group configurations.
Choose one of the following values:
  • cn. A unique identifier in the LDAP directory that specifies the name of a group.
  • custom. A custom identifier such as FinanceGroup.

User Object Setting: Query String to Determine if Object is a Group
Description: Choose an LDAP search filter that determines if an LDAP object represents a user group.
Choose one of the following values:
  • objectclass=groupofnames
  • objectclass=groupofuniquenames
  • objectclass=group
  • custom. A custom filter such as objectclass=person.
Note: The query defines the set of authentication groups that can be used in Web Security Manager policies.
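
The following added example (not from the guide and not Cisco code) models how the four settings in Table 20-14 relate when a user's group names are derived from the user object. The in-memory directory, the DNs, and the helper names `get_attr`, `matches` and `resolve_groups` are assumptions made for illustration.

```python
# Constructed sample directory (DN -> attributes); not real data.
BASE = "dc=example,dc=com"
DIRECTORY = {
    f"cn=jdoe,ou=people,{BASE}": {
        "objectClass": ["person"],
        "memberOf": [
            f"cn=Finance,ou=groups,{BASE}",
            f"cn=printer1,ou=devices,{BASE}",  # entry exists but is not a group
            f"cn=Ghost,ou=groups,{BASE}",      # dangling DN, no such entry
        ],
    },
    f"cn=Finance,ou=groups,{BASE}": {"objectClass": ["group"], "cn": ["Finance"]},
    f"cn=printer1,ou=devices,{BASE}": {"objectClass": ["device"], "cn": ["printer1"]},
    f"uid=asmith,ou=people,{BASE}": {"objectClass": ["person"], "UserInGroup": ["Engineering"]},
}


def get_attr(entry, name):
    """Return an attribute's values; LDAP attribute names are case-insensitive."""
    for key, values in entry.items():
        if key.lower() == name.lower():
            return values
    return []


def matches(entry, simple_filter):
    """Evaluate a single 'attr=value' filter, the form listed in Table 20-14."""
    attr, _, value = simple_filter.partition("=")
    return value.strip().lower() in (v.lower() for v in get_attr(entry, attr.strip()))


def resolve_groups(user_dn, membership_attr="memberOf", attr_is_dn=True,
                   group_name_attr="cn", group_filter="objectclass=group",
                   directory=DIRECTORY):
    """Hypothetical helper: return the group names usable in policy for a user."""
    values = get_attr(directory[user_dn], membership_attr)
    if not attr_is_dn:
        return sorted(values)  # attribute already holds group names
    names = []
    for dn in values:
        entry = directory.get(dn)
        if entry is None or not matches(entry, group_filter):
            continue  # skip dangling DNs and objects the filter rejects
        names.extend(get_attr(entry, group_name_attr))
    return sorted(names)
```

In this model, a group filter that does not match the directory's schema (for example `objectclass=groupofnames` against entries of class `group`) yields no group names for the user, which is worth checking when group-based policies never match.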