SAML Service Provider--User Settings
Only add users and groups from directories that are in the affiliate domain in which the Service Provider exists.
casso126
HID_samlsp-users-tab
Only add users and groups from directories that are in the affiliate domain in which the Service Provider exists.
The page lists the users and groups that are allowed access to resources at the Service Provider. This page also includes the following fields and controls:
- Allow Nested GroupsAllowsCA Single Sign-Onto return a user from a group that is nested in another group. Nested groups often occur in complex LDAP deployments.
- AND User/GroupsLets you configure an OR or AND relationship between the users or groups of users. The relationship instructs the Policy Server when to fire the rules included in a policy.For example, you could define the following group relationship in a policy:Authorize if Member of (Accounting AND Marketing AND Collections) OR (Legal AND Finance AND Support) OR (Shipping)The Policy Server only fires the policy when the user is a member of all the groups in the AND relationship or a member of the groups in the OR relationship.
- Add MembersOpens the Users/Groups dialog from where you can add and remove users and groups.
- Add EntryOpens the User Directory Search Expression Editor. The User Directory Search Expression Editor lets you use search expressions to locate users for authentication so the asserting party can generate assertions. Search expressions can bind users to a policy based on attributes that appear in user, group, and organization profiles.