mirror of
https://github.com/rancher/rancher-docs.git
synced 2026-05-26 06:38:25 +00:00
Lucas Saintarbor
50736e012a
* Add SamlOpenLDAPGroupPermissions shared file * Add SamlOpenLDAPGroupPermissions shared file to Configure Keycloak (SAML) page * Add SamlOpenLDAPGroupPermissions shared file to Configure Okta (SAML) page * Add SamlOpenLDAPGroupPermissions shared file to Configure PingIdentity (SAML) page * Add SamlOpenLDAPGroupPermissions shared file to Configuring Rancher for Microsoft AD FS page * Add SamlOpenLDAPGroupPermissions shared file to Group Permissions with Shibboleth and OpenLDAP page * Add SamlOpenLDAPGroupPermissions shared file to other versions of Configure Keycloak (SAML) page * Add SamlOpenLDAPGroupPermissions shared file to other versions of Configure Okta (SAML) page * Add SamlOpenLDAPGroupPermissions shared file to other versions Configure PingIdentity (SAML) page * Add SamlOpenLDAPGroupPermissions shared file to other versions of Configuring Rancher for Microsoft AD FS page * Add SamlOpenLDAPGroupPermissions shared file to other versions of Group Permissions with Shibboleth and OpenLDAP page
12 lines
662 B
Markdown
12 lines
662 B
Markdown
When you configure a SAML authentication provider backed by OpenLDAP, the SAML response might return only a subset of the groups that a user belongs to. The exact groups returned depend on the configuration of your external authentication provider.
|
|
|
|
Rancher assigns user permissions based strictly on the groups provided in the SAML response.
|
|
|
|
:::note
|
|
|
|
Even if you can search for and view specific OpenLDAP groups in the Rancher UI, you cannot use them to assign permissions if they are missing from the SAML response.
|
|
|
|
To assign permissions successfully, verify that your SAML authentication provider is configured to return all necessary OpenLDAP groups.
|
|
|
|
:::
|