Network Access Permission

The Network Access Permission mapping allows you to control the msNPAllowDialin AD attribute.

This is a bool mapping that must result in either a true, false or null.

  • true result will set msNPAllowDialin to Allow access
  • false result will set msNPAllowDialin to Deny access
  • A null result will set msNPAllowDialin to Control access through NPS Network Policy

Example If you want to allow access for all regular employees, then set an expression that results in true for regular employees:

Employment.EmployeeTypeCode == "REG"

Example If you want to allow access for all employees, then set an expression that results in true for everyone:

true

Example If you want to deny access for all contractor employees, then set an expression that results in false for contractors and true for everybody else:

Employment.EmployeeTypeCode != "CON"

Example If you want everyone to be set to Control access through NPS Network Policy, then set an expression that results in null for everyone:

null