I am working on an ZAUTHENTICATE.mac to move us from local cache users to Delegated Authentication against LDAP. 

I have created a user role within my instance of Ensemble that matches the AD Group that I will be assigning everyone in my group to.  Is there a way to query the list of available Roles within Ensemble, and if one of my AD groups matches that role, set the role for that user?

How would I compare the AD Group against the Role listing?

Thanks

Scott

00
0 10 418

I am working through trying to use ZAUTHENTICATE.mac and LDAP.mac to do Delegated sign on into Ensemble. In reading over the samples and the documentation, I am not clearly finding on how to set the Appropriate Role from the LDAP group I return. Can someone help explain this part to me? If I have a user sign on, and I return a "Group" from the Authentication, how do I get that to transform into the Role I need for Ensemble.

Thanks

Scott Roth

00
0 1 369

Hi, folks!

When you deploy DeepSee solutions you often do not want grant a User  %All Role to work with a particular Dashboard.

Consider a Dashboard 'Dash' with a few widgets where listings are being used.

If you manage a Role to get access to the Dash you need to grant access to %DB_DBNAME resource to have a database access,  grant access to a Dashboard resource (if any) and ...  grant SELECT accesses to all the tables involved in SQL queries being used in all the listings of widgets.

10
0 3 240

Hi,

I've added a REST service which worked fine on our test system but failed on the production environment because UnknownUser does not have %All set and I really don't want it set on production (in fact I've also switched it off on test).

Is there a way to allow a single REST service to have unauthorised access?

I was thinking adding a resource/role to UnknownUser specifically for that service but I've never touched on Users/Roles/Resources so I'm struggling to work out what needs adding where.

Thanks

00
0 2 104