The Group mapping feature is used to map LDAP/Active Directory groups to Ad Astra roles. When a user is authenticated, their group membership information is used to determine appropriate permissions.
To map groups to roles:
- Open the LDAP configuration page under the Settings tab.
- Click Add LDAP Group.
- Provide the LDAP administrator user name and password.
- Enter fully qualified path for the search.
- Enter the name filter for the search.
- This field automatically adds wild cards for a partial name search.
- Click Find LDAP Group.
- A list of matching groups is returned.
- Select a group from the list.
- Click the Save LDAP Group
- A list of all Ad Astra roles is returned.
- Place a check in the boxes next to role(s) to which the LDAP group should be mapped.
- Click Save to add the group-to-role association to the list.
- Repeat as needed.
- You may expand individual groups on list page to review the association.