Skip to main content

Adding Role Conditions Based on an Active Directory Property

You can add an include or exclude role condition based on an Active Directory property.

To create a new role based on Active Directory property:

  1. Perform the steps in Creating a New Role.
  2. Open the Conditions tab of the Role Properties dialog box. The Group and OU subtab opens.
  3. Open the AD Property tab.
  4. Click Add Condition . The Conditions dialog box opens.
  5. Select an AD property from the first list, such as Department .
  6. In the Search field, enter a search term, such as Sales .
  7. Click Search .
  8. Select item(s) in the search results list,
  9. Select either Include Properties or Exclude Properties .
  10. Click Select .
  11. Close the Add Conditions dialog box. On the Conditions > AD Property tab, the selected properties are listed.
  12. In the Operator column, select one of the following options to configure this condition:
    • Equal To
    • Greater Than
    • Less Than
    • Contains
    • Starts With
    • Ends With
  13. In the Enforcement column, select either Include Property or Exclude Property .
  14. If desired, select the Apply to OU and child OUs option.
  15. Click Save Role .

See Also

Conditions Tab