LDAPv3 User Verification for Cloud Access Service
LDAPv3 User Verification for Cloud Access Service
The identity router verifies the user’s identity source account by checking with the directory server. If the account is enabled, the identity router sends the Authenticate OTP to the Cloud Access Service (CAS) for verification. If your deployment uses an LDAPv3 identity source, RSA checks the following user attributes to determine the user's disabled status.
| Attribute | Setting |
|---|---|
| ds-pwp-account-disabled | true for disabled accounts. |
| nsaccountlock | true for disabled accounts. |
| shadowExpire | 0 for disabled accounts. |
If your LDAPv3 server does not use these attributes to indicate disabled status, RSA treats all users in the identity source as enabled.
Related Articles
Identity Sources for Cloud Access Service Number of Views Manage Users for Cloud Access Service Number of Views Authentication Methods for Cloud Access Service Users Number of Views RSA Release Notes: Cloud Access Service and RSA Authenticators Number of Views Emergency Access for Cloud Access Service Users Number of Views
Trending Articles
RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide RSA Release Notes for RSA Authentication Manager 8.8 Troubleshooting RSA MFA Agent for Microsoft Windows How to download and install the AFX Server Archive in RSA Identity Governance & Lifecycle The Template ({Connector Template Name}) has missing file content error when creating AFX Connectors in RSA Identity Gover…
Don't see what you're looking for?
