Modifying the user search criteria configured for a user store

You can modify the user search criteria that are configured for the user store as part of editing the configuration of a user store.
The user search criteria that you define for a user store applies to all the connections associated with the user store.
  1. In the
    User Store
    tab of the
    User Stores
    page, do one of the following steps:
    • Click the name of the user store to modify the user search criteria associated with it.
    • In the
      Action
      column of the user store for which you want to modify user search criteria, click
      Edit
      .
  2. In the resulting
    Edit User Stores
    page, click the
    Search Criteria
    tab.
  3. Click
    Edit
    .
  4. Enter or edit the following information and click
    Save
    :
    Field
    Description
    Search Criteria
    Base DN
    Edit the Base DN string, if necessary. This string indicates where to start searching for user information within the user store database.
    User Filter
    Edit your user store filters for the directory search, if necessary. For example:
    • To search for a user, use the format
      (&(uid=%s)(objectclass=organizationalPerson))
    • To search for a user in AD, use the format
      (&(&(objectClass=user)(objectCategory=person))(sAMAccountName=%s))
    • To search for a user in AD with Groupmembership enabled, use the format:
      (&(&(objectClass=user)(objectCategory=person))(sAMAccountName=%s)(memberOf=cn=Security_group,cn=Users,DC=sales,DC=acme,DC=com))
    Replace
    %s
    with the logging user name.
    Edit Default VIP User Name Attribute
    Select this check box if you want to edit the LDAP attribute value that is used as VIP User Name.
    VIP User Name Attribute
    Enter the value for the LDAP attribute to use as the VIP User Name.
    Select Attribute
    Select one or more attributes to choose the authentication channel to deliver the security code to the user through the appropriate VIP Enterprise components. For each attribute, enter up to 10 attribute types, separated by semicolons.
    • Email
      . Enter the attribute name that specifies the user email address.
      If you select the email attribute, VIP can send a new credential registration email if an additional credential is registered to an existing user for which an email address is available. Contact your account representative to enable this feature.
    • Mobile
      . Enter the attribute name that specifies the user mobile device identifier, such as a telephone number.
    • Phone
      . Enter the attribute name that specifies the user telephone number.
    DNS and NetBIOS Name
    Provide DNS and NetBIOS names for this user store, if necessary. You can add more than one value for the DNS and NetBIOS Name.
    VIP Registration Email Attribute
    Select Attribute
    Select
    Email
    to allow VIP to send an email with a My VIP registration link to all unregistered users in this user store. Customize the registration email in the
    Settings > Registration Email Settings
    tab.
    Email
    Enter the email attribute from this user store that VIP can use to send this email.
    Test Settings
    Test Connection
    Enter an existing user ID to verify that the user who is specified in the User Distinguished Name field has the correct search permissions to the user store. The test is mandatory to verify that the configuration is working.