Scope: Web Filter version<= 7
Answer: WSA pulls the LDAP0 from the web filter to use for the default domain, without LDAP setup it cannot apply via rules for other schemes.
1. Go to User/Groups Tab> Authentication page
2. Add an LDAP authentication scheme here (without need of DC agents – if only needing for WSA users), be sure to add to all fields and test the ldap with the LDAP discovery button, this will test all fields are correctly set to pull users into exceptions creation of rules.
3. Go to Block/Accept tab> Exceptions page
4. Create rule for LDAP user/group and save
5. Move rule to top for testing
6. You can verify against the Advanced tab> Troubleshooting page policy check, to see that policy should allow or deny as desired
7. Fully verify user/PC testing and clear cache if necessary.
You should now see the WSA user as an LDAP user and policy for LDAP user/group should apply properly for the WSA user now.
Link to This Page: