Date
1 - 2 of 2
Assigning Role to Group
|
Zakharov Alexey <alexey.zakharov@...>
Hi guys!
Sorry if my question is newbie or it was discussed before. I want to use LDAP for users authentication/authorisation. And I’ve successfully bound CF to LDAP, and managed to configure uaac group mappings. But then I realised, that there are no way to assign a Role to that group. 'cf set-org-role’ accepts only usernames as parameter, but not groups. I think assigning Developer role to group is more flexible than assigning is to every particular user. Are you going to add this feature later? Or maybe there is an another way to do group binding? Thanks for your time. --- Alexey Zakharov | CloudFoundry Team | Altoros Tel: (617) 841-2121 ext. 5704 | Toll free: 855-ALTOROS Fax: (866) 201-3646 | Skype: alexey.zakharov.a www.altoros.com | blog.altoros.com | twitter.com/altoros |
|
|
|
Daniel Mikusa
On Fri, Jul 17, 2015 at 6:40 AM, Zakharov Alexey <
alexey.zakharov(a)altoros.com> wrote: Hi guys!Have you looked at the `uaac` tool? I'm not quite sure I understand what you're trying to do, but you can map an LDAP group DN to a UAA group with `uaac`. Then if a user in that LDAP group logs in, they'll have that uaa group. Is that what you're looking to do? Ex: uaac group map --name cloud_controller.admin "GROUP-DISTINGUISHED-NAME" Or are you asking about mapping LDAP groups to CF org & space roles? i.e. user in ldap group X is automatically given the OrgManager role in org Y. Dan Thanks for your time.
|
|
|