This remains unanswered. Deployment of this is impossible if every user must be explicitly entered.
On Sep 10, 2015, at 8:16 PM, Jo Rhett <jrh...@netconsonance.com> wrote: > We are successfully authenticating users via LDAP. Right now if a user who is > not in our Administrators group logs in to Icinga, they see nothing at all. > I’ve created a group which has the appropriate permissions but I can’t seem > to find a way to let users into it. A wildcard in the user field doesn’t > work. > > Any user I manually type into the Users field is successfully granted the > permissions, however it is implausible for us to manually add every user > (thousands) to this field. > > The group authentication is also configured to LDAP, however no values placed > in the group field work. I am using values that work on the command line to > look up group users so I’m not sure what’s not happening with the group > access. I can’t find any log entries indicating a failure. > > This leads to two questions: > > 1. Is there any way to use a wildcard to mean “any authenticated user” for > group mapping? > 2. How can I debug or validate the query that Icingaweb2 is using for > evaluating group access? -- Jo Rhett Net Consonance : net philanthropy to improve open source and internet projects.
_______________________________________________ icinga-users mailing list icinga-users@lists.icinga.org https://lists.icinga.org/mailman/listinfo/icinga-users
