Novell ACCESS MANAGER 3.1 SP2 - POLICY GUIDE 2010 Manual page 60

5 In Condition Group 1, select the conditions the user must meet:
LDAP Group: Select the Identity Server Configuration, the user store, then the Group. The
following figure illustrates this selection process.
Comparison: Select how you want the attribute values to be compared. For LDAP Group,
select Is Member of.
Value: Select LDAP Group, then select [Current].
The DN of the authenticated user is compared with the members of the LDAP Group. If the DN
of the user matches one of the members, the user matches the condition.
Result on Condition Error: This sets up the results that are returned if an error occurs while
evaluating the condition (for example, the LDAP server goes down). This rule is set up to grant
the user the role of ManagersGroup if the condition evaluates to True. If an error occurs, you do
not want random users assigned the role of ManagersGroup. Therefore, for this rule, you need
to select False.
6 In the Actions section, click Activate Role.
7 In the Activate Role box, type
The name you enter in the box is the role you want assigned to the users who match the
condition.
60 Novell Access Manager 3.1 SP2 Policy Guide
, then click OK.
ManagersGroup