Verification of LDAP authentication
Issue
-
Requirements:
- One want users to be able to logon to CFME
- Users shall be authenticated using LDAP
- The users should use account name that they use for many other systems, it will be in the format username@example.com
- In future, one desires the ablity to add users with other domain suffixes.
-
Configuration:
- SSSD has been configured with the Apache HTTP Server
-
Verification
- We can logon using username@example.com
- User is authenticated against LDAP
- LDAP Group is mapped to a role in CFME
- User has the right role in CFME
- User can logon via SSH (only for administrators)
- SSH Logon can be limited based on groups (only for administrators)
- Users are stored with their fullname ("Lastname Firstname"), e-mail address and username@example.com inside CFME
- Users can order services, services and VMs belong to these users
-
One wishes to confirm that this configuration is supportable, due to the modifications to the system and httpd.
Environment
- Red Hat CloudForms 4.0
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.