Posted on March 7, 2008 by gpedersen

NSD1099 How to create a default policy

Fact

Nordic Edge Identity Manager 3 and later

Situation

Create a default policy that affects all users in the organisation. The policy should include the following:

 

GROUPMEMBER_ATTRIBUTE

BASEDN (MyDN)

LOAD_TAB

AUTO_LOAD_TAB_DIRECTORY (NONE)

 Try to login to Nordic Edge Identity Manager Web Based Client as an administrator and as a regular user.

Solution

1. In the Nordic Edge Identity Manager Standalone client right click the top of the catalogue tree and select Object Properties.

2. The GROUPMEMBER_ATTRIBUTE is set under Policies – System – LDAP. Note! The value differs depending on which directory service being used. In this case 

Microsoft Active Directory is being used and the attribute is called “memberOf” but in Novell eDirectory the attribute is called “groupMembership” for instance.

3. BASEDN policy sets the start base of the directory. To prevent the user to see anything but its own user the value is set to “MyDN”.

4. The LOAD_TAB policy determines which tabs the user is allowed to see when logged in to Nordic Edge Identity Manager. In this case the user should only be able to see the user general tab which displays the users own info. If a template is being used inside the tab that to have to be selected.

5. If the tabs shouldn’t be auto-loaded from file that function has to be disabled. The function get’s disabled by setting the value “none” in the AUTO_LOAD_TAB_DIRECTORY policy.

6. When logging in to Nordic Edge Identity Manager Web Based Client as an administrator it looks like this:

7. When logged in as a regular user the only tab visable is the user general tab.

Disclaimer

The origin of this information may be internal or external to Nordic Edge™. Nordic Edge™ makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Nordic Edge™ makes no explicit or implied claims to the validity of this information. Any trademarks referenced in this document are the property of their respective owners.

Nordic Edge Support – www.nordicedge.se

Download article as PDF

Comments are closed.