Polycom Welding System 3725-77601-001H User Manual

Polycom CMA System Operations Guide 
Polycom, Inc.
 
The following table illustrates some more advanced examples of exclusion filter expressions.

Search baseDN expression:
  !(| (memberof=CN=Sales,DC=europe,DC=example,DC=com)
  (memberof=CN=IT,DC=europe,DC=example,DC=com))
Description:
  Includes only users that are members of the ‘Sales’ or ‘IT’ groups in the domain europe.example.com.
  Notes:
  • The expression should be on one continuous line with no carriage returns or extra spaces (not possible in this document’s format).
  • By excluding an entity, we implicitly mean to include all other entities. Conversely, by including an entity, we are implicitly excluding all other entities. Hence, this exclusion filter will suffice for a case where, for example, the administrator wants to include Sales and IT but exclude Human Resources, Engineering, etc., within the specified domain.

Search baseDN expression:
  &(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=2)
Description:
  Excludes all users who are disabled. Note that this uses a different but valid notation.

Polycom CMA System and Windows Authentication

To allow Microsoft Active Directory users with dynamically-managed endpoints to securely log in to their endpoint without typing in their network credentials, the CMA system must be integrated with an Active Directory server and trusted by Active Directory.

When the CMA system starts up, it performs the following actions.
• Uses Microsoft's LDAP ping mechanism to determine the site in which the system is located.
• Uses a DNS SRV record query to find a domain controller within the same site.

When an Active Directory user attempts to log in to the CMA system, the CMA system authenticates the user against the domain controller that it is connected to, passing the user's credentials using NTLMv2. The credentials are passed seamlessly to the CMA system over a secure channel connection from the user's workstation; they are the credentials with which the user logged in to the workstation.
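The two exclusion filters from the table on this page, evaluated against constructed directory entries to show which users remain after each one. This is an added example, not code from the Polycom guide: the sample entries, the helper names (`parse`, `matches`, `kept`, `user`), the outer parentheses the code adds around each expression, and the plain string comparison for objectCategory are assumptions of the example.

```python
BIT_AND = "1.2.840.113556.1.4.803"  # bitwise-AND matching rule OID used on the page
BASE = "DC=europe,DC=example,DC=com"

def parse(f, i=0):
    """Parse one parenthesised filter at f[i]; return (node, index after it)."""
    if f[i] != "(":
        raise ValueError(f"expected '(' at offset {i}")
    if f[i + 1] in "&|!":
        op, i, kids = f[i + 1], i + 2, []
        while f[i] == "(":
            kid, i = parse(f, i)
            kids.append(kid)
        if f[i] != ")":  # a space or line break between clauses ends up here
            raise ValueError(f"expected ')' at offset {i}")
        return (op, kids), i + 1
    end = f.index(")", i)
    attr, value = f[i + 1:end].split("=", 1)
    attr, _, rule = attr.partition(":")
    return ("=", attr.lower(), rule.rstrip(":"), value), end + 1

def matches(node, entry):
    """Evaluate a parsed filter against one entry (dict: lowercase attr -> list of str)."""
    if node[0] in "&|":
        return (all if node[0] == "&" else any)(matches(k, entry) for k in node[1])
    if node[0] == "!":
        return not matches(node[1][0], entry)
    _, attr, rule, value = node
    if rule == BIT_AND:  # true when every bit of value is set in the attribute
        return any((int(v) & int(value)) == int(value) for v in entry.get(attr, []))
    return any(v.lower() == value.lower() for v in entry.get(attr, []))

def kept(exclusion_filter, entries):
    """Names of the entries left after dropping every entry the filter matches."""
    if not exclusion_filter.startswith("("):  # assumption: add the outer () the page omits
        exclusion_filter = f"({exclusion_filter})"
    tree, end = parse(exclusion_filter)
    if end != len(exclusion_filter):
        raise ValueError("trailing text after filter")
    return [e["cn"][0] for e in entries if not matches(tree, e)]

def user(cn, groups, uac):  # builds a constructed sample entry, not real directory data
    return {"cn": [cn], "objectcategory": ["person"], "objectclass": ["user"],
            "memberof": [f"CN={g},{BASE}" for g in groups], "useraccountcontrol": [str(uac)]}

ENTRIES = [user("alice", ["Sales"], 512), user("bob", ["IT"], 514),  # 514 = 512 | 2, disabled
           user("carol", ["Human Resources"], 512), user("dave", ["Engineering", "IT"], 66048)]
GROUPS = f"!(|(memberof=CN=Sales,{BASE})(memberof=CN=IT,{BASE}))"
DISABLED = f"&(objectCategory=person)(objectClass=user)(userAccountControl:{BIT_AND}:=2)"
print(kept(GROUPS, ENTRIES), kept(DISABLED, ENTRIES))
```

In this sample data the disabled account bob is still kept by the group filter, because that expression tests group membership only. The strict parser also rejects the expression when it is pasted with the spaces or line breaks that the table's note warns about.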