Mapping Roles to AD Groups
(→Tutorial) |
|||
| Line 1: | Line 1: | ||
=== Tutorial === | === Tutorial === | ||
| − | DreamFactory | + | DreamFactory allows you to map your Roles imported from your Active Directory server ([[DreamFactory/Tutorials/Importing_Groups_as_Roles|Importing Groups as Roles]]) |
| − | to your users (per-application) authenticating | + | to your users (per-application) authenticating via DreamFactory's Active Directory service. |
| − | To enable mapping DreamFactory Roles to Active Directory groups check | + | To enable mapping DreamFactory Roles to Active Directory groups, check the 'Map Group to Role' checkbox on your Active Directory |
service config tab. | service config tab. | ||
| Line 11: | Line 11: | ||
When this checkbox is checked, DreamFactory will try to match an existing role (imported from Active Directory) with your AD | When this checkbox is checked, DreamFactory will try to match an existing role (imported from Active Directory) with your AD | ||
user's primary group. If no match is found using primary group, then it will try to match with any other group in Active Directory. | user's primary group. If no match is found using primary group, then it will try to match with any other group in Active Directory. | ||
| − | If still | + | If still no match is found, then it will use the default role specified on your Active Directory service configuration. |
| − | Role to Group mapping also supports Active Directory Group hierarchy when 'Allow Group Hierarchy When Mapping' checkbox is checked. | + | Role to Group mapping also supports Active Directory Group hierarchy when the 'Allow Group Hierarchy When Mapping' checkbox is checked. |
This will try to match an existing role (imported from Active Directory) with your AD user's primary group or its parent group hierarchically. | This will try to match an existing role (imported from Active Directory) with your AD user's primary group or its parent group hierarchically. | ||
| − | If no match is found using primary group and its hierarchy, then it will try to match with any other group and its hierarchy in Active Directory. | + | If no match is found using the primary group and its hierarchy, then it will try to match with any other group and its hierarchy in Active Directory. |
| − | If still | + | If still no match is found, then it will use the default role specified on your Active Directory service configuration. |
Revision as of 16:22, 15 July 2016
Tutorial
DreamFactory allows you to map your Roles imported from your Active Directory server (Importing Groups as Roles) to your users (per-application) authenticating via DreamFactory's Active Directory service.
To enable mapping DreamFactory Roles to Active Directory groups, check the 'Map Group to Role' checkbox on your Active Directory service config tab.
When this checkbox is checked, DreamFactory will try to match an existing role (imported from Active Directory) with your AD user's primary group. If no match is found using primary group, then it will try to match with any other group in Active Directory. If still no match is found, then it will use the default role specified on your Active Directory service configuration.
Role to Group mapping also supports Active Directory Group hierarchy when the 'Allow Group Hierarchy When Mapping' checkbox is checked. This will try to match an existing role (imported from Active Directory) with your AD user's primary group or its parent group hierarchically. If no match is found using the primary group and its hierarchy, then it will try to match with any other group and its hierarchy in Active Directory. If still no match is found, then it will use the default role specified on your Active Directory service configuration.
