external-group-attribute

Use the external-group-attribute entry to indicate which STSUU attribute in the RSTR contains the external group identities that are used when authenticating an external user. Remove this configuration entry if you do not want to allow authentication using an external group identity.

Syntax

external-group-attribute = attribute_name

Description

If this entry is set, the appliance searches for an external group identity in the STSUU. If an external group identity is present, it will be used without further changes. If this entry is not configured, an external group identity cannot be used to authenticate the user. You can specify multiple attributes in the form of a comma separated list.

The group information is only used if the user is authenticating as an external user.

Options

attribute_name: The name of the external group identity attribute to be extracted from the RSTR. .

Usage

This stanza entry is optional.

Default value

am-ext-user-groups

Example

external-group-attribute = am-ext-user-groups