Hi all,
I have Pentaho 6.1 connected to the Active Directory.
I am able to set permissions for users, e.g.
File 1 - accessible for user1
File 2 - accessible for user2
Now I want to assign permissions based on the groups the users belong to in AD. e.g.:
Group1: user1, user3
Group2: user2, Group3
Group3: user4
File 1 - accessible for all users, who belong to Group1
In my understanding I can to that by sharing the files with the roles I get from my AD. But in fact that doesn't work.
Can anyone please give me a hint?
Thanks a lot!
Here is the content of my applicationContext-security-ldap.properties
contextSource.providerUrl=[url]
contextSource.userDn=[user]
contextSource.password=[pw]
userSearch.searchBase=OU=[...]
userSearch.searchFilter=(\&(sAMAccountName=\{0\})(memberOf:1.2.840.113556.1.4.1941:=CN=app_pentaho))
populator.convertToUpperCase=false
populator.groupRoleAttribute=cn
populator.groupSearchBase=OU=[...]
populator.groupSearchFilter=(member:1.2.840.113556.1.4.1941:=\{0\})
populator.rolePrefix=
populator.searchSubtree=true
allAuthoritiesSearch.roleAttribute=cn
allAuthoritiesSearch.searchBase=OU=[...]
allAuthoritiesSearch.searchFilter=(\&(objectClass=group)(memberOf:1.2.840.113556.1.4.1941:=CN=app_pentaho))
allUsernamesSearch.usernameAttribute=sAMAccountName
allUsernamesSearch.searchBase=OU=[...]
allUsernamesSearch.searchFilter=(samAccountType=805306368)
adminRole=CN=app_pentaho_admins
adminUser=CN=[myadmin]
I have Pentaho 6.1 connected to the Active Directory.
I am able to set permissions for users, e.g.
File 1 - accessible for user1
File 2 - accessible for user2
Now I want to assign permissions based on the groups the users belong to in AD. e.g.:
Group1: user1, user3
Group2: user2, Group3
Group3: user4
File 1 - accessible for all users, who belong to Group1
In my understanding I can to that by sharing the files with the roles I get from my AD. But in fact that doesn't work.
Can anyone please give me a hint?
Thanks a lot!
Here is the content of my applicationContext-security-ldap.properties
contextSource.providerUrl=[url]
contextSource.userDn=[user]
contextSource.password=[pw]
userSearch.searchBase=OU=[...]
userSearch.searchFilter=(\&(sAMAccountName=\{0\})(memberOf:1.2.840.113556.1.4.1941:=CN=app_pentaho))
populator.convertToUpperCase=false
populator.groupRoleAttribute=cn
populator.groupSearchBase=OU=[...]
populator.groupSearchFilter=(member:1.2.840.113556.1.4.1941:=\{0\})
populator.rolePrefix=
populator.searchSubtree=true
allAuthoritiesSearch.roleAttribute=cn
allAuthoritiesSearch.searchBase=OU=[...]
allAuthoritiesSearch.searchFilter=(\&(objectClass=group)(memberOf:1.2.840.113556.1.4.1941:=CN=app_pentaho))
allUsernamesSearch.usernameAttribute=sAMAccountName
allUsernamesSearch.searchBase=OU=[...]
allUsernamesSearch.searchFilter=(samAccountType=805306368)
adminRole=CN=app_pentaho_admins
adminUser=CN=[myadmin]