Home > Configuration > Authentication > setauthenticationldapaction_nestedgroupextraction

setauthenticationldapaction_nestedgroupextraction

Use this method to set allow nested group extraction, in which the Citrix ADC queries external LDAP servers to determine whether a group is part of another group.

Syntax



Parameters

name

Name of the LDAP profile to modify.
This is mandatory parameter.

nestedgroupextraction

Allow nested group extraction, in which the Citrix ADC queries external LDAP servers to determine whether a group is part of another group.
Default value = OFF.
Possible Values : ON, OFF.

maxnestinglevel

If nested group extraction is ON, specifies the number of levels up to which group extraction is performed.
Default value = 2.
Minimum value = 2.

groupnameidentifier

Name that uniquely identifies a group in LDAP or Active Directory.

groupsearchattribute

LDAP group search attribute. Used to determine to which groups a group belongs.

groupsearchsubattribute

LDAP group search subattribute. Used to determine to which groups a group belongs.

groupsearchfilter

String to be combined with the default LDAP group search string to form the search value. For example, the group search filter ""vpnallowed=true"" when combined with the group identifier ""samaccount"" and the group name ""g1"" yields the LDAP search string ""(&(vpnallowed=true)(samaccount=g1)"". If nestedGroupExtraction is ENABLED, the filter is applied on the first level group search as well, otherwise first level groups (of which user is a direct member of) will be fetched without applying this filter. (Be sure to enclose the search string in two sets of double quotation marks; both sets are needed.)

Return Value

Returns simpleResult

See Also

addauthenticationldapaction

getauthenticationldapaction

rmauthenticationldapaction

setauthenticationldapaction_alternateemailattr

setauthenticationldapaction_attribute1

setauthenticationldapaction_attribute10

setauthenticationldapaction_attribute11

setauthenticationldapaction_attribute12

setauthenticationldapaction_attribute13

setauthenticationldapaction_attribute14

setauthenticationldapaction_attribute15

setauthenticationldapaction_attribute16

setauthenticationldapaction_attribute2

setauthenticationldapaction_attribute3

setauthenticationldapaction_attribute4

setauthenticationldapaction_attribute5

setauthenticationldapaction_attribute6

setauthenticationldapaction_attribute7

setauthenticationldapaction_attribute8

setauthenticationldapaction_attribute9

setauthenticationldapaction_attributes

setauthenticationldapaction_authentication

setauthenticationldapaction_authtimeout

setauthenticationldapaction_cloudattributes

setauthenticationldapaction_defaultauthenticationgroup

setauthenticationldapaction_email

setauthenticationldapaction_followreferrals

setauthenticationldapaction_groupattr

setauthenticationldapaction_kbattribute

setauthenticationldapaction_ldapbase

setauthenticationldapaction_ldapbinddn

setauthenticationldapaction_ldapbinddnpassword

setauthenticationldapaction_ldaphost

setauthenticationldapaction_ldaplogin

setauthenticationldapaction_mssrvrecordlocation

setauthenticationldapaction_otpsecret

setauthenticationldapaction_passwdchange

setauthenticationldapaction_passwordlessmgmtaccess

setauthenticationldapaction_pushservice

setauthenticationldapaction_referraldnslookup

setauthenticationldapaction_requireuser

setauthenticationldapaction_searchfilter

setauthenticationldapaction_sectype

setauthenticationldapaction_server

setauthenticationldapaction_serverip

setauthenticationldapaction_serverport

setauthenticationldapaction_sshpublickey

setauthenticationldapaction_ssonameattribute

setauthenticationldapaction_subattribute

setauthenticationldapaction_svrtype

setauthenticationldapaction_validateservercert

unsetauthenticationldapaction_alternateemailattr

unsetauthenticationldapaction_attribute1

unsetauthenticationldapaction_attribute10

unsetauthenticationldapaction_attribute11

unsetauthenticationldapaction_attribute12

unsetauthenticationldapaction_attribute13

unsetauthenticationldapaction_attribute14

unsetauthenticationldapaction_attribute15

unsetauthenticationldapaction_attribute16

unsetauthenticationldapaction_attribute2

unsetauthenticationldapaction_attribute3

unsetauthenticationldapaction_attribute4

unsetauthenticationldapaction_attribute5

unsetauthenticationldapaction_attribute6

unsetauthenticationldapaction_attribute7

unsetauthenticationldapaction_attribute8

unsetauthenticationldapaction_attribute9

unsetauthenticationldapaction_attributes

unsetauthenticationldapaction_authentication

unsetauthenticationldapaction_authtimeout

unsetauthenticationldapaction_cloudattributes

unsetauthenticationldapaction_defaultauthenticationgroup

unsetauthenticationldapaction_email

unsetauthenticationldapaction_followreferrals

unsetauthenticationldapaction_groupattr

unsetauthenticationldapaction_groupnameidentifier

unsetauthenticationldapaction_groupsearchattribute

unsetauthenticationldapaction_groupsearchfilter

unsetauthenticationldapaction_groupsearchsubattribute

unsetauthenticationldapaction_kbattribute

unsetauthenticationldapaction_ldapbase

unsetauthenticationldapaction_ldapbinddn

unsetauthenticationldapaction_ldapbinddnpassword

unsetauthenticationldapaction_ldaphost

unsetauthenticationldapaction_ldaplogin

unsetauthenticationldapaction_maxldapreferrals

unsetauthenticationldapaction_maxnestinglevel

unsetauthenticationldapaction_mssrvrecordlocation

unsetauthenticationldapaction_nestedgroupextraction

unsetauthenticationldapaction_otpsecret

unsetauthenticationldapaction_passwdchange

unsetauthenticationldapaction_passwordlessmgmtaccess

unsetauthenticationldapaction_pushservice

unsetauthenticationldapaction_referraldnslookup

unsetauthenticationldapaction_requireuser

unsetauthenticationldapaction_searchfilter

unsetauthenticationldapaction_sectype

unsetauthenticationldapaction_serverport

unsetauthenticationldapaction_ssonameattribute

unsetauthenticationldapaction_subattribute

unsetauthenticationldapaction_svrtype

unsetauthenticationldapaction_validateservercert