changes.
| h1. Scenario |
| | Authenticate users through Active Directory and retrieve associated groups to determine user permission. We assume that: |
| # Domain of the Active Directory is example.com. |
| # This Active Directory can be accessed through address _ldap://ad.example.com:389_ |
| # Users and groups are managed under LDAP entry _cn=Users,dc=example,dc=com_. |
| # User _Administrator_ is used to search user and group information in this Active Directory. |
| | Authenticate users through Fedora directory server and retrieve associated groups to determine user permission. We assume that: |
| # This directory server can be accessed through address _ldaps://ds.example.com:636_ |
| # Users are managed under LDAP entry _ou=people,dc=example,dc=com_. |
| # Groups are managed under LDAP entry _ou=groups,dc=example,dc=com_. |
| |
| h1. Resolution |
| | # For each Active Directory group you want to assign QuickBuild permissions, create a group with the same name in QuickBuild, and set proper permissions. |
| | # For each LDAP group you want to assign QuickBuild permissions, create a group with the same name in QuickBuild, and set proper permissions. |
| # Login as Administrator, switch to menu _Authentication->Authenticators_, and add an authenticator of LDAP type like below: |
| !fds.png! |
| | # Your users should now be able to login to QuickBuild and access to QuickBuild functionalities will be controlled using the group information from Active Directory. |
| | # Your users should now be able to login to QuickBuild and access to QuickBuild functionalities will be controlled using the group information from the fedora directory server. |
| |
| | {info}To browse Active Directory user and group information in a LDAP friendly way (that is, be able to browse DN and various attribute names/values), you may need to install a LDAP client (such as [JXplorer|http://www.jxplorer.org]), and connect it to your Active Directory using LDAP url, user and password information listed above.{info}!ad.png! |
| | {info}To browse directory server user and group information in a LDAP friendly way (that is, be able to browse DN and various attribute names/values), you may need to install a LDAP client (such as [JXplorer|http://www.jxplorer.org]), and connect it to your directory server using LDAP url, user and password information listed above.{info} |