The user must match one attribute value.

Users where title starts with senior

where <user-filter>

The user must match multiple attribute values.

Users where title=manager and locality=east

where <user-filter>

The user must belong to named organizations.

Users in organization sales and lower

in <org-rule>

The user must belong to organizations that meet a condition specified by attributes on the organization.

Users in organizations where Business Type=gold or platinum

in organizations where <org-filter>

The user must belong to specific organizations and match specific user attributes.

Users where title=manager and locality=east and who are in organization sales or marketing

where <user-filter> and who are in <org-rule>

The user must belong to a specific group.

Users who are members of 401K group

who are members of group <group>

The user must be a member of a role.

Users who are members of the Help Desk role

who are members of <role-rule>

The user must be an administrator of a role.

Users who are administrators of the Sales Manager role

who are administrators of <role-rule>

The user must be an owner of a role.

Users who are owners of the User Manager role

who are owners of <role-rule>

The user must belong to a group which meets a condition specified by attributes on the group.

Users who are members of groups where owner=CIO

who are members of group <group-filter>

The user must meet a condition based on an LDAP query.

(Use an LDAP query for situations where a query created in the CA Identity Manager User Console is insufficient)

user returned by the query ldap_query