Filter
Top Products
6-28
User Guide for Cisco Digital Media Manager 5.2.x
OL-15762-03
Chapter 6 Authentication and Federated Identity
Procedures
Derive LDAP Group Membership Dynamically from a Query
NEW IN CISCO DMS 5.2.1—You can populate a user group with the returned output from a User Base DN
query. However, a group of this kind differs in important ways from a group that you populate manually.
Note • Membership of such groups is dynamic—based on shared characteristics among the group of Active Directory
users who match your query.
• We update and clean these groups automatically during synchronization. Their membership will change after
synchronization runs, when the corresponding records in Active Directory show that a user's membership should start
or stop.
• An imported Active Directory group is always read-only in DMS-Admin. By protecting it, we ensure that it is always correct,
relative to the original and subject to any delay between synchronizations. For this reason, you cannot edit their memberships
rolls manually.
• When you try to delete a user from a group of this type, DMS-Admin shows an error message.
Before You Begin
• Choose LDAP as your authentication method.
Procedure
Step 1 Choose Administration > Security > Authentication.
Step 2 Click Define Filter,
Step 3 Use elements on the Define Filter property sheet to define, validate, and add one LDAP filter.
Step 4 Would you like to add users to a group that exists already? If so, choose that group name from the User
Group (in DMM) list.
OR
Would you like to create and populate an entirely new group? If so, choose Create a New User Group
from the User Group (in DMM) list. Then, use the Group Name field to enter a name for the new group.
Step 5 Would you like to check your filter’s syntax? If so, click Validate.
Step 6 Click Update.
Step 7 Stop. You have completed this procedure.