Active Directory Accelerator Guide

WhiteList Rules

The WhiteList rule is a rule folder that defines the LDAP groups or attribute values of users that receive unmasked data. Dynamic Data Masking masks data for LDAP groups and users that do not return a match in the WhiteList rules.
To use the WhiteList masking method, enable the WhiteList rule folder and disable the BlackList rule folder.
The WhiteList rule folder contains WhiteListGroups, WhiteListAttributeName, WhiteListAttributeValues, StopIfLDAPMatch, and MaskingRule rules.
If you want to define LDAP groups that do not receive masked data, enable the WhiteListGroups rule and disable the WhiteListAttributeName and WhiteListAttributeValues rules. In the WhiteListGroups rule, enter the list of LDAP groups that receive unmasked data in the Symbol Value field of the Groups symbol. Separate groups with a pipe symbol ( | ).
If you want to define users that receive unmasked data based on the LDAP attribute values of the users, disable the WhiteListGroups rule and enable the WhiteListAttributeName and WhiteListAttributeValues rules. Define the attribute in the WhiteListAttributeName rule. Set the ATTR_NAME Symbol Value to the name of the attribute. In the WhiteListAttributeValues rule, define the attribute values of the attribute that you specified in the WhiteListAttributeName rule. Set the ATTR_VALUES Symbol Value to the attribute values that you use to identify a user that receives unmasked data.
The StopIfLDAPMatch rule uses a Stop rule action if the LDAP group or attribute value is a match. The Rule Engine does not apply the MaskingRule rule and the user receives unmasked data.
Configure the MaskingRule rule to define how to mask the data. The rule contains columns that commonly contain personally identifiable information. Modify the rule based on the data that you want to mask.
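The decision flow described above, modelled as an added Python example (not Informatica code and not part of the original guide), so that a rule set can be reviewed for users who would unexpectedly bypass masking. The class and function names are hypothetical, and the model assumes exact, case-sensitive matching, trimming of whitespace around pipe-separated entries, a pipe-separated ATTR_VALUES symbol like the Groups symbol, and masking for everyone when the configuration is inconsistent.

```python
from dataclasses import dataclass

@dataclass
class WhiteListConfig:
    # Enable flags and symbol values, named after the rules on this page.
    groups_enabled: bool = False   # WhiteListGroups
    groups: str = ""               # Groups symbol, pipe-separated
    attr_enabled: bool = False     # WhiteListAttributeName + WhiteListAttributeValues
    attr_name: str = ""            # ATTR_NAME symbol
    attr_values: str = ""          # ATTR_VALUES symbol (pipe-separated: assumption)

def split_symbol(value):
    # Assumption: whitespace around each pipe-separated entry is ignored.
    return {v.strip() for v in value.split("|") if v.strip()}

def validate(cfg):
    """Return a list of configuration problems (empty list means consistent)."""
    problems = []
    if cfg.groups_enabled and cfg.attr_enabled:
        problems.append("WhiteListGroups cannot be combined with the attribute rules")
    if not cfg.groups_enabled and not cfg.attr_enabled:
        problems.append("no match rule enabled: no user can match the WhiteList")
    if cfg.groups_enabled and not split_symbol(cfg.groups):
        problems.append("Groups symbol is empty: no user can match the WhiteList")
    if cfg.attr_enabled and not (cfg.attr_name and split_symbol(cfg.attr_values)):
        problems.append("ATTR_NAME or ATTR_VALUES is empty: no user can match")
    return problems

def receives_unmasked(cfg, user_groups, user_attrs):
    """True when StopIfLDAPMatch would fire; False means MaskingRule applies."""
    if validate(cfg):
        return False  # model choice (assumption): inconsistent config masks everyone
    if cfg.groups_enabled:
        return bool(split_symbol(cfg.groups) & set(user_groups))
    values = user_attrs.get(cfg.attr_name, [])
    return bool(split_symbol(cfg.attr_values) & set(values))

if __name__ == "__main__":
    # Constructed sample data: group names and users are illustrative only.
    cfg = WhiteListConfig(groups_enabled=True, groups="HR_Admins | DBA")
    users = {"alice": ["DBA", "Staff"], "bob": ["Sales"], "carol": ["dba"]}
    for name, groups in users.items():
        state = "unmasked" if receives_unmasked(cfg, groups, {}) else "masked"
        print(f"{name}: {state}")
```

Running the model against an export of real group memberships shows which accounts fall inside the WhiteList before the rule folder is enabled.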
The following table describes the WhiteList rules:

| Rule | Description |
| --- | --- |
| WhiteListGroups | Defines the value of the Groups symbol. Enter the LDAP groups that you want to receive unmasked data. You cannot use the WhiteListGroups rule with the WhiteListAttributeName and WhiteListAttributeValues rules. |
| WhiteListAttributeName | Defines the ATTR_NAME symbol. Enter the LDAP attribute that you use to identify users that receive unmasked data. You cannot use the WhiteListAttributeName rule with the WhiteListGroups rule. |
| WhiteListAttributeValues | Defines the ATTR_VALUES symbol. Enter the LDAP attribute values that you use to identify users that receive unmasked data. You cannot use the WhiteListAttributeName rule with the WhiteListGroups rule. |
| StopIfLDAPMatch | Stops the Rule Engine. The Rule Engine does not apply the MaskingRule rule if the StopIfLDAPMatch rule returns a match. |
| MaskingRule | Defines how to mask the sensitive data. |
