The Group mapping feature is used to map LDAP/Active Directory groups to Ad Astra roles. When a user is authenticated, their group membership information is used to determine appropriate permissions.
Adding LDAP Group
- Click the Settings tab.
- Select LDAP configuration.
- Click Add LDAP Group.
- Provide the LDAP administrator user name and password.
The admin user specified here should have permission to search the entire LDAP or Active Directory structure or results may be inconsistent.
- Enter a fully qualified path for the search.
- Enter the name filter for the search.
- This field automatically adds wild cards for a partial name search.
- Click Find LDAP Group.
- A list of matching groups is returned.
- Select a group from the list.
- Click Save LDAP Group
- A list of all Ad Astra roles is returned.
- Place a check in the boxes next to role(s) to which the LDAP group should be mapped.
- Click Save to add the group-to-role association to the list.
- Repeat as needed.
- Expand individual groups on list page to review the association.