This procedure describes how to configure the LDAP role search parameters when Microsoft Active Directory (AD) is used.

Role search for Avaya Aura® Web Gateway users are really about finding the associated role strings for a user in LDAP. For AD, this is about the user group names that a user belongs to.

In Microsoft Active Directory, the DNs of the groups that a user belongs to are stored in the memberOf attribute of a user. The memberOf attribute also stores the Exchange mailing lists that a user belongs to. Conversely, the group objects that the user belongs to contain a member attribute that stores the DNs of all of the users and sub-groups that are members of this group.