Configure Active Directory Lookups for User Groups
You can retrieve user group information that is based on your user name through a user group lookup on a synchronized Active Directory (AD) server.
For this lookup, you must have been authenticated by SCP before. You must also have Skyhigh Cloud Connector installed and attributes configured for it, see Cloud Connector Config Custom Attributes.
To configure this lookup, proceed as follows:
-
On the user interface for Secure Web Gateway, select the settings icon.
-
Select Infrastructure > Web Gateway Setup.
-
Next to Set Up Active Directory Group Resolution click Edit.
-
On the page that appears, make sure memberOf is selected in the attribute field, then select Enable AD Group Resolution.
You have now configured an Active Directory lookup of user groups that is performed based on your user name.