Verification of LDAP authentication

Solution Unverified - Updated -

Issue

  • Requirements:

    • One want users to be able to logon to CFME
    • Users shall be authenticated using LDAP
    • The users should use account name that they use for many other systems, it will be in the format username@example.com
    • In future, one desires the ablity to add users with other domain suffixes.

  • Configuration:

    • SSSD has been configured with the Apache HTTP Server

  • Verification

    • We can logon using username@example.com
    • User is authenticated against LDAP
    • LDAP Group is mapped to a role in CFME
    • User has the right role in CFME
    • User can logon via SSH (only for administrators)
    • SSH Logon can be limited based on groups (only for administrators)
    • Users are stored with their fullname ("Lastname Firstname"), e-mail address and username@example.com inside CFME
    • Users can order services, services and VMs belong to these users

  • One wishes to confirm that this configuration is supportable, due to the modifications to the system and httpd.

Environment

  • Red Hat CloudForms 4.0

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content