rancher-docs/shared-files/_saml-openldap-group-permissions.md
Lucas Saintarbor 50736e012a Explain SAML and OpenLDAP Group Permissions (#2225)
* Add SamlOpenLDAPGroupPermissions shared file

* Add SamlOpenLDAPGroupPermissions shared file to Configure Keycloak (SAML) page

* Add SamlOpenLDAPGroupPermissions shared file to Configure Okta (SAML) page

* Add SamlOpenLDAPGroupPermissions shared file to Configure PingIdentity (SAML) page

* Add SamlOpenLDAPGroupPermissions shared file to Configuring Rancher for Microsoft AD FS page

* Add SamlOpenLDAPGroupPermissions shared file to Group Permissions with Shibboleth and OpenLDAP page

* Add SamlOpenLDAPGroupPermissions shared file to other versions of Configure Keycloak (SAML) page

* Add SamlOpenLDAPGroupPermissions shared file to other versions of Configure Okta (SAML) page

* Add SamlOpenLDAPGroupPermissions shared file to other versions of Configure PingIdentity (SAML) page

* Add SamlOpenLDAPGroupPermissions shared file to other versions of Configuring Rancher for Microsoft AD FS page

* Add SamlOpenLDAPGroupPermissions shared file to other versions of Group Permissions with Shibboleth and OpenLDAP page
2026-03-12 08:46:15 -07:00

When you configure a SAML authentication provider backed by OpenLDAP, the SAML response might return only a subset of the groups that a user belongs to. The exact groups returned depend on the configuration of your external authentication provider.

Rancher assigns user permissions based strictly on the groups provided in the SAML response.

:::note

Even if you can search for and view specific OpenLDAP groups in the Rancher UI, you cannot use them to assign permissions if they are missing from the SAML response.

To assign permissions successfully, verify that your SAML authentication provider is configured to return all necessary OpenLDAP groups.

:::
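
One way to run that verification against a captured login, as an added example that is not part of the Rancher docs: it decodes a base64 `SAMLResponse` value, collects the values of the group attribute, and lists the groups you plan to assign permissions to that the response does not carry. The attribute name `memberOf`, the group DNs and the sample response are constructed, and the assertion is assumed to be unencrypted.

```python
import base64
import xml.etree.ElementTree as ET

SAML_NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def groups_in_response(saml_response_b64, groups_attribute):
    """Return the set of group values carried in a base64-encoded SAMLResponse."""
    root = ET.fromstring(base64.b64decode(saml_response_b64))
    groups = set()
    for attr in root.iterfind(".//saml:AttributeStatement/saml:Attribute", SAML_NS):
        if attr.get("Name") != groups_attribute:
            continue
        for value in attr.iterfind("saml:AttributeValue", SAML_NS):
            if value.text and value.text.strip():
                groups.add(value.text.strip())
    return groups

def missing_groups(saml_response_b64, groups_attribute, required_groups):
    """Groups you want to bind permissions to that the response does not return."""
    present = groups_in_response(saml_response_b64, groups_attribute)
    return sorted(set(required_groups) - present)  # exact string comparison

# Constructed sample: the user is in three OpenLDAP groups, but the identity
# provider is configured to release only two of them.
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion>
    <saml:AttributeStatement>
      <saml:Attribute Name="uid"><saml:AttributeValue>jdoe</saml:AttributeValue></saml:Attribute>
      <saml:Attribute Name="memberOf">
        <saml:AttributeValue>cn=developers,ou=groups,dc=example,dc=org</saml:AttributeValue>
        <saml:AttributeValue>cn=staff,ou=groups,dc=example,dc=org</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()

# Constructed list: groups that permissions are meant to be assigned to.
REQUIRED = [
    "cn=developers,ou=groups,dc=example,dc=org",
    "cn=cluster-admins,ou=groups,dc=example,dc=org",
]

if __name__ == "__main__":
    for group in missing_groups(SAMPLE_B64, "memberOf", REQUIRED):
        print("not in SAML response, permissions will not apply:", group)
```

Use it only on responses captured from your own identity provider, and compare against the same attribute name that your provider is configured to send groups in.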