Product Documentation

How LDAP Group Extraction Works from the Group Object Indirectly

May 03, 2013

LDAP servers that evaluate group memberships from group objects indirectly will not work with NetScaler Gateway authorization.

Some LDAP servers, such as Lotus Domino, enable group objects only to contain information about users. These LDAP servers do not enable the user object to contain information about groups and thus will not work with NetScaler Gateway group extraction. For this type of LDAP server, group membership searches are performed by locating the user in the member list of groups.