Defining a unique group ID - PingFederate - 10.2

PingFederate Server

bundle
pingfederate-102
ft:publication_title
PingFederate Server
Product_Version_ce
PingFederate 10.2
category
Product
pf-102
pingfederate
ContentType_ce

On the Unique Group ID tab, you can create an LDAP filter to resolve groups for System for Cross-domain Identity Management (SCIM) operations.

PingFederate uses this LDAP filter in conjunction with the Base DN value, defined on the Location tab, to add new groups.

Screen capture of the Unique Group ID tab showing the Filter field.
Note:

This tab appears only if you are configuring an LDAP user store for provisioning and you have selected the User and Group Support option on the Connection Type tab.

Enter the statement in the Filter text field.

The filter is in the form: attribute=${value} where attribute is an attribute in your user-datastore and value is the attribute value or values passed in from the SCIM request. To see a list of available attributes in your user-datastore, click View List of Available LDAP Attributes. Variables for these attributes, including the correct syntax, are listed under SCIM Attributes.

Note:

Unlike filters used to retrieve LDAP attributes for adapter mapping, do not enclose the statement in parentheses.

Tip:

If you are unfamiliar with writing LDAP queries, see the documentation accompanying your LDAP installation.