You can use cas.authn.pm.ldap[0].searchFilter , just make sure you set
others
required,
https://apereo.github.io/cas/6.5.x/password_management/Password-Management-LDAP.html
, something like the below would work, msds-parentname is a constructed
attribute in AD that holds the value of the current objects OU
cas.authn.pm.ldap[0].searchFilter=(&(objectClass=person)(!msds-parentdistname=OU=YourOU,DC=Example,DC=Com)(sAMAccountName={user}))
Jason
On Wednesday, March 30, 2022 at 3:56:56 AM UTC-5 artur mis wrote:
> If it comes about AD/LDAP I think that generaly it is depend on where you
> are binded with pm module user and where you have permision with this
> user to change passwords for other users.
>
> On Wednesday, March 16, 2022 at 9:13:46 PM UTC+1 stonej wrote:
>
>> Hello,
>>
>> Strange question. Is it possible to enable the password management for
>> all users apart from a specific OU or user(s) ?
>>
>> Using 6.5.1, Active Directory login. I want them to be able to login to
>> CAS but ignore any password queries or changes for a specific OU or user.
>>
>> Thanks
>>
>
--
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/02a9b232-05e8-4f83-9d73-b797ab02f86an%40apereo.org.
