Oracle iPlanet Web Proxy Server 4.0.14 Administration Guide

Guidelines for Creating Dynamic Groups

Consider the following guidelines when using the Administration Server interface to create new dynamic groups:

The attributes, scope, and (filter) parameters are identified by their positions in the URL. If you do not want to specify any attributes, you must still include the question marks (?) delimiting that field.

For more information about editing groups, see Editing Group Entries.

The following table lists the required parameters for the LDAP URL.

Table 4–4 Required Parameters for the LDAP URL

Parameter Name  

Description  

base_dn

The DN of the search base, or point from which all searches are performed in the LDAP directory. This parameter is often set to the suffix or root of the directory, such as o=mcom.com.

attributes

A list of attributes to be returned by the search. To specify more than one, use commas to delimit the attributes (for example, cn,mail,telephoneNumber). If no attributes are specified, all attributes are returned. This parameter is ignored for dynamic group membership checks.

scope

This parameter is required. 

The scope of the search, which can be one of these values: 

  • base retrieves information only about the distinguished name (base_dn) specified in the URL.

  • one retrieves information about entries one level below the distinguished name (base_dn) specified in the URL. The base entry is not included in this scope.

  • sub retrieves information about entries at all levels below the distinguished name (base_dn) specified in the URL. The base entry is included in this scope.

(filter)

This parameter is required. 

The Search filter to apply to entries within the specified scope of the search. If you are using the Administration Server interface, you must specify this attribute. The parentheses are required.