Forum Discussion

Sinistrad_29710's avatar
Sinistrad_29710
Icon for Nimbostratus rankNimbostratus
Feb 09, 2017

Two AD groups to add for APM authentication

Hi,

 

I have to add two groups AD for APM authentication, but i'm not sure about the syntax. I tried this but not working :

 

(|(expr { [mcget {session.ad.last.attr.memberOf}] contains "CN=FR_SOFT_SBE_YAMGAS_PAR,OU=Groups,OU=Paris,OU=FR,OU=EMEA,DC =domain " })(expr { [mcget {session.ad.last.attr.memberOf}] contains "CN=FR_SOFT_SBE_CORAL_PAR,OU=Groups,OU=Paris,OU=FR,OU=EMEA,DC =domain" }))

 

Please help about the syntax

 

3 Replies

  • Hello Sinistrad,

     

    Could you please give more details about the scenario you are trying to implement, where are you trying to add this in which APM item ?

     

    Thanks

     

  • Hi Jad,

     

    I'm using this scenario :

     

     

    In AD query :

     

    CN=Sinistrad,OU=Users,OU=Paris,OU=FR,OU=EMEA,DC=domain

     

    But the user cannot connect, when I check the APm report, I see a failure after AD Query :

     

    2017-02-09 17:00:41 Executed agent '/Common/access_sbe_maquette-ad_query_auth_otp_by_email_and_resources_2_act_active_directory_query_ag', return value 0 2017-02-09 17:00:41 Following rule 'fallback' from item 'AD Query' to terminalout 'Failure'

     

    Thank you for your help,

     

  • How about this:

    expr { [mcget {session.ad.last.attr.memberOf}] contains "CN=FR_SOFT_SBE_YAMGAS_PAR,OU=Groups,OU=Paris,OU=FR,OU=EMEA,DC=domain" or [mcget {session.ad.last.attr.memberOf}] contains "CN=FR_SOFT_SBE_CORAL_PAR,OU=Groups,OU=Paris,OU=FR,OU=EMEA,DC=domain" }