Search filter used with secondary LDAP directory
Choose the method for obtaining mainframe usernames from your secondary LDAP directory.
-
Use value derived from the UPN.
When using a secondary LDAP directory, "
auser
" is used as the derived value to look up another value in the secondary directory that contains the mainframe username.For instance, a search filter could be created for a secondary lookup, where “(
some attribute in 2ndary=auser
)”Enter the attribute from the secondary directory.
-
Alternatively, Automated Sign for Mainframe can use a value of another attribute in the authenticating directory can be used as the value in the search filter to find the object in the secondary LDAP directory containing the user's mainframe username.
Enter the attributes for both the authenticating and the secondary LDAP servers.