SonicOS 7.1 Users
Table of Contents
Configuring Local Groups Settings
To add or edit a group
- Navigate to the Device > Users > Local Groups page.
- Click Add Group.
- In the Membership Settings select any one of the following:
This can match a domain user group
Members are set locally only
Memberships are set by the user's location in the LDAP directory
- In the Name field, enter a name for the new local group.
The name of a predefined user or group cannot be edited and the field is dimmed.
-
In the Domain Name field, enter the domain name.
- In the Domain field, select Any or Select Domain.
If you enter a domain name that is not listed, you must enter the full domain name or an error message is displayed.
- Optionally, in the Comment field enter a comment about the local group .
-
Optionally, select Memberships are set by user’s location in the LDAP directory checkbox. If this setting is enabled, when users log in or are identified through SSO, if their user object on the LDAP server is at the location specified in LDAP Location (or under it if appropriate), they are given membership to this user group for the session. This setting is disabled by default.
Local users and other groups also can be made members of the group on the Members view.
If you enable this setting, the LDAP Location field becomes active.
-
In the LDAP Location field, enter the location in the LDAP directory tree. The location can be given as a path (for example, domain.com/users) or as an LDAP distinguished name.
If LDAP user group mirroring is enabled, then for mirror user groups this field is read-only and displays the location in the LDAP directory of the mirrored group.
- Select precisely where the location is from one of the For Users options:
- at or under the given location (default)
- at the given location
-
- Optionally, to require one-time passwords for the group, select One-time passwords. If you enable this setting, users must have their email addresses set.
- Click Update.