https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/Restrict-a-category-using-LDAP/m-p/116796#M20772 <P><a href="https://community.netapp.com/t5/user/viewprofilepage/user-id/11071">@geringer</a>&nbsp;<a href="https://community.netapp.com/t5/user/viewprofilepage/user-id/20681">@JamesIlderton</a></P><P>&nbsp;</P><P><SPAN>Be aware that a user will need to login to WFA before you can add them to a category</SPAN></P><P><SPAN>====</SPAN></P><P>&nbsp;</P><P><SPAN>This is a major limitation and can totally defeat the purpose of restricted Category login. To overcme this, I've a solution. See <A href="https://community.netapp.com/t5/OnCommand-Storage-Management-Software-Discussions/Has-Anyone-got-AD-groups-into-WFA/m-p/109360/highlight/true#M19292" target="_blank">here.</A>&nbsp;</SPAN></P><P>&nbsp;</P><P><SPAN>Its a very simple workflow and works totally fine with sAMAccountName and UserPrincipalName. If you have any questions or need any variation, kindly post it on that thread.</SPAN></P><P>&nbsp;</P><P>&nbsp;</P><P><SPAN>sinhaa</SPAN></P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 08 Mar 2016 10:43:04 GMT sinhaa 2016-03-08T10:43:04Z https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/Restrict-a-category-using-LDAP/m-p/116768#M20765 <P>I would like to restrict a category using an LDAP group or users, but the UI only presents local users. &nbsp;Does anyone know if this is possible?</P> Wed, 04 Jun 2025 21:52:22 GMT https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/Restrict-a-category-using-LDAP/m-p/116768#M20765 JamesIlderton 2025-06-04T21:52:22Z https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/Restrict-a-category-using-LDAP/m-p/116770#M20766 <P>James,</P><P>&nbsp; &nbsp; &nbsp;You can use Microsoft LDAP integration to define groups in each of the role categories of "Administrator","Architect","Operator" and "Guest". &nbsp;Select "WFA Configuration" in the "Administration" menu. &nbsp;The configuration is setup in the "Autjentication" tab. &nbsp;Be aware that a user will need to login to WFA before you can add them to a category. &nbsp;This setup will allow you to use active Directory groups to manage user access to WFA roles only.</P><P>&nbsp;</P><P>Mike</P> Mon, 07 Mar 2016 22:30:03 GMT https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/Restrict-a-category-using-LDAP/m-p/116770#M20766 geringer 2016-03-07T22:30:03Z https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/Restrict-a-category-using-LDAP/m-p/116796#M20772 <P><a href="https://community.netapp.com/t5/user/viewprofilepage/user-id/11071">@geringer</a>&nbsp;<a href="https://community.netapp.com/t5/user/viewprofilepage/user-id/20681">@JamesIlderton</a></P><P>&nbsp;</P><P><SPAN>Be aware that a user will need to login to WFA before you can add them to a category</SPAN></P><P><SPAN>====</SPAN></P><P>&nbsp;</P><P><SPAN>This is a major limitation and can totally defeat the purpose of restricted Category login. To overcme this, I've a solution. See <A href="https://community.netapp.com/t5/OnCommand-Storage-Management-Software-Discussions/Has-Anyone-got-AD-groups-into-WFA/m-p/109360/highlight/true#M19292" target="_blank">here.</A>&nbsp;</SPAN></P><P>&nbsp;</P><P><SPAN>Its a very simple workflow and works totally fine with sAMAccountName and UserPrincipalName. If you have any questions or need any variation, kindly post it on that thread.</SPAN></P><P>&nbsp;</P><P>&nbsp;</P><P><SPAN>sinhaa</SPAN></P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 08 Mar 2016 10:43:04 GMT https://community.netapp.com/t5/Active-IQ-Unified-Manager-Discussions/Restrict-a-category-using-LDAP/m-p/116796#M20772 sinhaa 2016-03-08T10:43:04Z