Resource Partner--Users Settings
The Users settings let you specify the users and groups that can access resources at the Resource Partner. The Account Partner generates tokens that include assertions for these users for authentication purposes.
casso126
HID_wsfed-rp-users
The Users settings let you specify the users and groups that can access resources at the Resource Partner. The Account Partner generates tokens that include assertions for these users for authentication purposes.
You can only add users and groups from directories that are included in the affiliate domain in which the Resource Partner exists.
This dialog includes the following fields and controls:
- Allow Nested GroupsAllowsCA Single Sign-Onto return a user from a group that is nested in another group. Nested groups often occur in complex LDAP deployments.
- AND User/GroupsLets you configure an OR or AND relationship between the users or groups of users. The relationship instructs the Policy Server when to fire the rules included in a policy.For example, you could define the following group relationship in a policy:Authorize if Member of (Accounting AND Marketing AND Collections) OR (Legal AND Finance AND Support) OR (Shipping)The Policy Server only fires the policy when the user is a member of all the groups in the AND relationship or a member of the groups in the OR relationship.
- Add MembersOpens the Users/Groups dialog from where you can add and remove users and groups.
- Add EntryOpens the User Directory Search Expression Editor. The User Directory Search Expression Editor lets you use search expressions to locate users for authentication so the asserting party can generate assertions. Search expressions can bind users to a policy based on attributes that appear in user, group, and organization profiles.