Reset Search



Creating a partial string match on a LDAP host rule in Control (NAC)

« Go Back


TitleCreating a partial string match on a LDAP host rule in Control (NAC)
To get a partial string match from the variables within a LDAP Host Lookup
Access Control
Network Access Control

We can match variables within a distinguished name from a LDAP Host client. This is done as an End Systems Group, and not a User Group as we do for most LDAP User client logins.
1. Go to Control->Access Control->Group Editor->End Systems Group->Add->Add type End System:LDAP Host Group
User-added image

2. Use DistinguishedName as a variable, put asterisks around the partial strong we want to match on. 

You can use the lookup tool here to make sure that the string you are looking for exists for the host lookup Using the Lookup Button.
Click Add to add Entry
User-added image
3. Once added, this will need to be Saved and Closed.
User-added image
4. Once added as an End Systems Group Element, the Appliances will need to be enforced. This is noted with a yellow exclamation mark next to engines.
Click on the Enforce button and apply to appliance engines.
User-added image

Additional notes



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255