Multitenancy with LDAP authentication
Information
Summary: |
Usage of multitenancy together with LDAP authentication. |
Environment: |
Product: Flowmon OS Version: Any Platform: Any |
Question/Problem Description: |
Is it possible to use LDAP mapping for subtenants? Is it possible to define different LDAP servers for different tenants? |
Steps to Reproduce: | |
Error Message: | |
Defect Number: | |
Enhancement Number: | NPMD-I-105 |
Cause: | |
Resolution: |
In the current version, users from LDAP and TACACS+ are created in the base tenant only and it is possible to have only one LDAP server for all tenants in Flowmon OS. LDAP mapping for subtenants is not supported. It is not possible to set tenant ID to the LDAP group. It has to be done for every user individually. |
Workaround: |
Users can be created in subtenant by adding a new attribute to the LDAP user called "tenant" and setting the attribute to tenant ID. For Active Directory, a custom attribute has to be created (schema adjustment is required). |
Notes: |
https://flowmon.ideas.aha.io/ideas/NPMD-I-105 https://windowstechno.com/how-to-create-custom-attributes-in-active-directory/ |