We are successfully authenticating users via LDAP. Right now if a user who is not in our Administrators group logs in to Icinga, they see nothing at all. I’ve created a group which has the appropriate permissions but I can’t seem to find a way to let users into it. A wildcard in the user field doesn’t work.
Any user I manually type into the Users field is successfully granted the permissions, however it is implausible for us to manually add every user (thousands) to this field. The group authentication is also configured to LDAP, however no values placed in the group field work. I am using values that work on the command line to look up group users so I’m not sure what’s not happening with the group access. I can’t find any log entries indicating a failure. This leads to two questions: 1. Is there any way to use a wildcard to mean “any authenticated user” for group mapping? 2. How can I debug or validate the query that Icingaweb2 is using for evaluating group access? -- Jo Rhett Net Consonance : net philanthropy to improve open source and internet projects.
_______________________________________________ icinga-users mailing list icinga-users@lists.icinga.org https://lists.icinga.org/mailman/listinfo/icinga-users
