Account Settings

On the Configuration > Settings > Account tab, specify the search scope that will be managed by the configured application.

Configure the Search Scope within the LDAP directory as follows:
- Subtree: to search the specified Search DN and all containers within it.
- Base: to search only the Search DN.
- One Level: to search the Search DN and the containers one level below it.
In the Search DN field, enter the distinguished name of the container. For example:

ou=people,dc=example,dc=com
Enter an optional Iterate Search Filter when you are iterating over account objects. This filter is applied while fetching groups from the Search DN.
The Group Member Search DN field represents a multivalued attribute to define the scope for group memberships.
The Group Member Search Filter is an optional filter in LDAP that limits the results returned by the Search DN.

For example, the following filter returns all entries that do not represent a person:

(! (objectclass=person))
The Filter String field is an optional filter applied to the results returned by the application. Derived attributes can be included in the filter.

For example, the following filter string removes users if there is an attribute named deleted and the value is true:

deleted == "true"
Select Save.

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Account Settings

Documentation Feedback