Hello! I can’t figure it out, please help. set up ldap, but don’t understand how to map a user to a role? I need to issue verification to domain users with the administrator role. all others are present to go under the default role of readall.
I need to do this not at the level of domain roles, but for the opensearch server.
im use last version os
need to show some of the yml?
@maxim You need to map the LDAP group assigned to the LDAP user as a backend role in roles_mapping.yml.
Thanks for the answer. This is not entirely true. I don’t want to give admin rights to the entire Active Directory user group. i want to select multiple users by their cn. it is desirable to do it on the side of opensearch
I understand! there is no “users: ” parameter in the default configuration of the roles_mapping.yml file. added, now it’s working, thanks
@maxim There is a users
parameter. You can map individual users to the OpenSearch role. Take a look at the example I’ve shared with my last answer.
1 Like