Feature #813

Support AD group membership for authorization and authentication

Added by Marcello de Sousa about 7 years ago. Updated over 3 years ago.

Status:Closed
Priority:Low
Assigned To:Daniel Lobato Garcia
Category:Authorization
Target version:Sprint 27
Difficulty: Bugzilla link:710189
Found in release: Pull request:
Story points-
Velocity based estimate-
Release1.6.0Release relationshipAuto

Description

We are now using Foreman with ldap to connect with AD users. Those users are members of specific AD usergroups.

Allow managing users in Active directory groups and assigning Foreman rights directly to these AD groups (like we are able to do with AD users now) would avoid the overhead of having to manage those users again in Foreman usergroups.


Related issues

Related to Foreman - Feature #863: add ability to restrict ldap authentication to a security... Closed 04/22/2011
Related to Foreman - Feature #1583: Assign roles and filters to usergroups Closed 04/20/2012
Related to Foreman - Feature #812: cant assign roles to groups, just to users Closed 03/31/2011
Related to Foreman - Feature #3892: When new users are created based on REMOTE_USER authentic... Closed 10/28/2013
Related to Foreman - Bug #7003: Unable to connect to AD through ldap login module Closed 08/08/2014
Blocked by Foreman - Feature #5241: Add support for external group mapping Closed 04/18/2014

Associated revisions

Revision 6421fa1c
Added by Daniel Lobato Garcia over 3 years ago

Fixes #813 - External usergroups can be linked to an LDAP auth source

Revision ba2910a9
Added by Daniel Lobato Garcia over 3 years ago

refs #813 - add foreman external usergroups refresh to cron

Revision 70b6e8b6
Added by Dominic Cleal over 3 years ago

refs #813 - add ldap_fluff dependency

Revision b8e0ff40
Added by Lukas Zapletal over 3 years ago

Merge pull request #265 from domcleal/rpm/develop-813-ldap_fluff

refs #813 - LDAP group support changes

History

#1 Updated by Ohad Levy about 7 years ago

  • Target version deleted (0.3)

#2 Updated by Ohad Levy over 4 years ago

  • Related to Feature #812: cant assign roles to groups, just to users added

#3 Updated by Dominic Cleal over 4 years ago

  • Description updated (diff)
  • Status changed from New to Ready For Testing
  • Assigned To set to Marek Hulán
  • Target version set to Sprint 17

#4 Updated by Dominic Cleal over 4 years ago

  • Target version changed from Sprint 17 to Sprint 18

#5 Updated by Dmitri Dolguikh over 4 years ago

  • Target version changed from Sprint 18 to Sprint 19

#6 Updated by Dmitri Dolguikh about 4 years ago

  • Target version changed from Sprint 19 to Sprint 20

#7 Updated by Dominic Cleal about 4 years ago

  • Assigned To changed from Marek Hulán to Daniel Lobato Garcia

#8 Updated by Dmitri Dolguikh about 4 years ago

  • Target version changed from Sprint 20 to Sprint 21

#9 Updated by Dominic Cleal about 4 years ago

  • Related to Feature #3892: When new users are created based on REMOTE_USER authentication, their roles should be populated as well added

#10 Updated by Dmitri Dolguikh about 4 years ago

  • Target version changed from Sprint 21 to Sprint 22

#11 Updated by Jan Pazdziora about 4 years ago

  • Blocked by Feature #5241: Add support for external group mapping added

#12 Updated by Dmitri Dolguikh almost 4 years ago

  • Target version changed from Sprint 22 to Sprint 23

#13 Updated by Dmitri Dolguikh almost 4 years ago

  • Target version changed from Sprint 23 to Sprint 22

#14 Updated by Dmitri Dolguikh almost 4 years ago

  • Target version changed from Sprint 22 to Sprint 23

#15 Updated by Marek Hulán almost 4 years ago

  • Blocks Feature #5734: Add API for external groups management added

#16 Updated by Dmitri Dolguikh almost 4 years ago

  • Target version changed from Sprint 23 to Sprint 24

#17 Updated by Dominic Cleal almost 4 years ago

  • Blocks deleted (Feature #5734: Add API for external groups management)

#18 Updated by Dmitri Dolguikh almost 4 years ago

  • Target version changed from Sprint 24 to Sprint 25

#19 Updated by Dmitri Dolguikh almost 4 years ago

  • Target version changed from Sprint 25 to Sprint 26

#20 Updated by Dominic Cleal over 3 years ago

  • Release set to 1.6.0

#21 Updated by Dmitri Dolguikh over 3 years ago

  • Target version changed from Sprint 26 to Sprint 27

#22 Updated by Daniel Lobato Garcia over 3 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#23 Updated by Dominic Cleal over 3 years ago

  • Related to Bug #7003: Unable to connect to AD through ldap login module added

#24 Updated by Stephen Benjamin over 3 years ago

  • Bugzilla link set to 1140658

#25 Updated by Bryan Kearney over 3 years ago

  • Bugzilla link changed from 1140658 to 710189

Also available in: Atom PDF