Active Directory Global Catalog
When listing users in the Entitlements Manager, some users are listed twice.
Access Manager requires that a user datastore be defined for the local domain as well as for the Global Catalog. The user datastore for the local domain is where local users would be created. It should be noted that when using the Global Catalog, the Entitlements Manger should not be used to manage users. Instead, domain users should be managed externally using Microsoft tools. The user.basedn for the local datastore must be defined, else an error message is generated. This configuration setting should point to a dummy location where no users reside. Users on the local domain will still be visible through the Forest view, provided by the Global Catalog.
For example, create a container in the local domain called CTUSERS.
Point the user datastore for the local datastore to this empty container.
cleartrust.data.ldap.user.basedn cn=CTUSERS, cn=Users,dc=domain,dc=com
Related Articles
Licenses Number of Views Uninstall a License Number of Views Extend an Evaluation License Number of Views Check License Status Number of Views View Installed Licenses Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA Release Notes for RSA Authentication Manager 8.8 Generate a Certificate Signing Request (CSR) for the Web Tier RSA SecurID Software Token 4.1.2 and 4.2.1 for Mac OS X displays: No token storage device was detected. Verify that the de… RSA Authentication Manager 8.8 Security Configuration Guide
