cancel
Showing results for 
Search instead for 
Did you mean: 
imtrying
Level 10

Is role mapping necessary

Jump to solution

We have purchased the Webgateway 7 and during the demonstration we told the engineer that we were only going to have one group, webusers.  Well he helped set that up and all was fine.  Now the management team has seen the functionality in the test group they want more groups.  Well here I am.  So we would like to have a restricted webusers group(which is an AD group) as well as differnt groups in AD to be able to get to facebook.

I have opened a ticket for help but of course I have the lowest priority(as expected) so I thought that I would ask here.  I read where Role mapping needs to happen after authentication, but my question is this.....why can't you use the authentication.usergroup property in the rule set criteria and allow MWG to only use the rule set that matches the criteria?  Why do you have to take the step to map authentication.usersgroups to authentication.user-defined?

Any help would be appreciated.

0 Kudos
1 Solution

Accepted Solutions
asabban
Level 17

Re: Is role mapping necessary

Jump to solution

Hello,

there is no need to utilize user-defined properties. I think this is done for demonstration purposes, and because it is the easiest approach to simulate the "policy" approach, that has been done in MWG6. You can directly utilize the Auth.UserGroups property in your criteria.

Best,

Andre

0 Kudos
2 Replies
asabban
Level 17

Re: Is role mapping necessary

Jump to solution

Hello,

there is no need to utilize user-defined properties. I think this is done for demonstration purposes, and because it is the easiest approach to simulate the "policy" approach, that has been done in MWG6. You can directly utilize the Auth.UserGroups property in your criteria.

Best,

Andre

0 Kudos
imtrying
Level 10

Re: Is role mapping necessary

Jump to solution

Thanks for the quick responce.  I could see no logical reason to do both.

Have MAKE it a great day.

Thanks again.

0 Kudos