Appanvil karma designer | ||||
---|---|---|---|---|
|
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
Hello. In this video you will learn how to configure LDAP authentication in ACDI.
By default, after installation, you can log into ACDI using the local accounts you’ve defined during installation. Information about a user can be found in the User Profile in the top right corner.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
To configure LDAP authentication, you need to do the following: Go to Administration, then “Core Engine,” and in “LDAP Connections,”
...
Additional information will be received from LDAP and saved in session.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
When you modify this page, you will need to save the settings and create a new user or use a new one.
...
Okay, now you can proceed to ACDI.
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
By default, ACDI contains three roles: admins, readonlys, and managers.
Admins have access and permissions to create, and edit all dashboards as well as reports. They can also access the “Time Machine,” “Manage” submenus, and work with “Administration.”
Managers have access to all dashboards and reports and can edit and create them. They also have access to “Manage” but not to “Administration.”
Readonlys can only read dashboards and reports and run them. Editing is not allowed for readonlys users.
...
Anchor | ||||
---|---|---|---|---|
|
Appanvil karma designer | ||||
---|---|---|---|---|
|
Now let's assign entitlements and access to a group you created.
In the top right corner, click the “Manage user accounts” symbol, enter a username, and click “Get User Data.”
...
Here you see the user’s attributes and you see your group.
...
Let's edit entitlements.
...
Let's give this a manager role.
...
Set access only to “Users” reports.
...
When you change the report filter at the bottom of this window, you can see a list of reports and dashboards to which this user will have access. Okay, let's check everything, save the settings, and close the window.
...
Now let's try to log in using the LDAP account you’ve just finished configuring.
...
Ok, so you are logged in with your LDAP account. You can see some information about the user here.
...
This user has the role “managers,” and, as you can see, has access to all menus except “Administration.” This user—Bob T.—can create and edit the dashboards and reports he has access to. “Time Machine” is also available for him.
...
Let’s change the role for this user to “readonlys.” It was made in the backstage. Let's log out and log in again.
...
This is to see that the role is changed to “readonlys,” and only dashboards and reports submenus are available for this user to access. “Time Machine” is gone from the menu and is unavailable because it contains data from snapshots which can be security sensitive. Also “Administration” submenu is unavailable.
...
All ACDI components to which this user has no access became disabled and this user also won't have access to using direct endpoints.
...
That’s it—the LDAP authentication configuration in ACDI. Thank you for your attention and take care.
Should you have any questions or require any assistance, please do not hesitate to contact us at any time swsupport.skypro@skypro.ch