Project

General

Profile

Feature #3508

As a security engineer, I would like to retrieve ldap groups and use that to select roles in foreman

Added by Dmitri Dolguikh almost 8 years ago. Updated over 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Users, Roles and Permissions
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Related issues

Is duplicate of Foreman - Feature #812: cant assign roles to groups, just to usersClosed2011-03-31

History

#1 Updated by Dominic Cleal almost 8 years ago

  • Is duplicate of Feature #812: cant assign roles to groups, just to users added

#2 Updated by Dominic Cleal almost 8 years ago

  • Status changed from New to Need more information

#3 Updated by Bryan Kearney almost 8 years ago

At the end of this story, and the end of Jan's work, I would expect the following scenarios to work

1) Authz and Authn are done by the foreman login screen. Passwwords are validated by an LDAP bind, and the roles are selected based on the groups returned from LDAP.

2) Authz and Authn are done by the apache plugin. Group names from the plugin are used to select the correct roles.

In order to support both use cases, it is acceptable for the Foreman user to have to map the intenral roles to group names.

#4 Updated by Marek Hulán over 7 years ago

  • Status changed from Need more information to Closed

Also available in: Atom PDF