
Organization access control

Roles control what a user can access in HCM ARA. For more information about available roles, see Roles in Codar.

Adding a DN to a role authorizes members of the corresponding LDAP directory organizational unit to access Codar.

Access control lets you add or remove directory service groups or organization units (ou) for an HCM ARA role by associating the ou's distinguished name (DN) with the desired role. Authenticated LDAP users who are members of a group or organization unit that is assigned to a predefined role can perform specific tasks and access specific parts of Codar.

Only members of a group or organization unit are assigned to the role. To ensure secure role assignment, access control inheritance stops at the assigned organizational unit. This does not follow the traditional directory service pattern, in which inheritance flows down the organizational unit's hierarchy. Instead, roles must be assigned to individual organizational units (ou).

A group or organization unit DN can be assigned to more than one role.

LDAP must be configured in order to authenticate users so that they can log in. See Configure LDAP for an organization for more information.

To add a DN to a role

  1. Locate the role to which you want to add a DN.
  2. Below the role, click Add DN.
  3. Provide the following information, and click Save:

    To select an existing named DN:

    Item: Select from existing named DNs
    Description: Select an existing named DN (that identifies a group or organization unit DN) to add to the role. If there are no existing named DNs, this item is not selectable.

    In order to use the approval process in Codar, you must select a group DN. A group DN can hold a members list, from which you can select users during the approval process. Organization unit DNs cannot hold a members list.

    To add a new named DN:

    Item: Enter a name for the group or organization unit DN
    Description: Enter a name to identify the DN.

    Item: Enter a group or organization unit DN
    Description: Enter the group or organization unit DN to add to the role. This DN must be relative to the Base DN you configured in the LDAP section of this organization. If the base DN is empty, supply the full DN of the group.
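
The following Python sketch is an added illustration, not Codar code. It models the rules stated on this page (role assignment stops at the assigned organization unit, a DN can be assigned to more than one role, and a DN is entered relative to the Base DN) so that you can audit which users a set of DN assignments actually authorizes. The role names, directory entries, membership model and the `inherit` switch are assumptions constructed for the example.

```python
import re

# Constructed sample data: role names and directory entries are hypothetical.
BASE_DN = "dc=example,dc=com"
ASSIGNMENTS = {  # role -> DNs entered relative to BASE_DN
    "role-a": ["ou=Engineering", "cn=Approvers,ou=Groups"],
    "role-b": ["ou=Engineering"],  # one DN may be assigned to several roles
}
GROUP_MEMBERS = {  # members list held by the group DN
    "cn=Approvers,ou=Groups": ["uid=carol,ou=QA,ou=Engineering,dc=example,dc=com"],
}

def rdns(dn):
    """Split a DN into normalized RDNs (simplified: splits on unescaped commas)."""
    return [p.strip().lower() for p in re.split(r"(?<!\\),", dn) if p.strip()]

def full_dn(entered_dn, base_dn):
    """Append the Base DN; with an empty Base DN the entered DN is already full."""
    return rdns(entered_dn) + rdns(base_dn)

def roles_for(user_dn, assignments, base_dn, group_members, inherit=False):
    """Return the roles a user DN receives.

    Assumed model: an OU grants its roles only to entries directly inside it,
    a group grants them to the DNs on its members list. inherit=True emulates
    the traditional flow-down pattern for comparison.
    """
    user, granted = rdns(user_dn), set()
    for role, dns in assignments.items():
        for dn in dns:
            target = full_dn(dn, base_dn)
            if inherit:
                in_ou = len(user) > len(target) and user[-len(target):] == target
            else:
                in_ou = user[1:] == target
            members = [rdns(m) for m in group_members.get(dn, [])]
            if in_ou or user in members:
                granted.add(role)
    return sorted(granted)

if __name__ == "__main__":
    for uid in ("uid=alice,ou=Engineering", "uid=bob,ou=QA,ou=Engineering"):
        dn = f"{uid},{BASE_DN}"
        print(dn, roles_for(dn, ASSIGNMENTS, BASE_DN, GROUP_MEMBERS),
              roles_for(dn, ASSIGNMENTS, BASE_DN, GROUP_MEMBERS, inherit=True))
```

Comparing the default result with `inherit=True` lists the users who would have gained a role under flow-down inheritance and therefore need their own organization unit assigned if they are meant to have access.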

To update a name or DN in a role

  1. Locate the role whose DN you want to update.
  2. Below the role, locate the DN you want to update.
  3. Move your cursor over the DN and click the Edit button.
  4. In the Update DN dialog, update the DN name and/or the DN.
  5. Click Update.

To remove a named DN from a role

Note: The named DN (group) is not deleted; instead, it is disassociated from the role. You will still see the group when you click Add DN and then click Select from existing named DNs.

  1. Locate the role from which you want to remove a named DN.
  2. Below the role, locate the group you want to remove.
  3. Click the Remove DN icon.
  4. Click Yes.