Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 24 Next »

Some organizations prefer to have their users authenticate to Lumeta Enterprise Edition using Active Directory (AD). This arrangement transmits AD user-rights to Lumeta to control what individual users can see when logged in to a Lumeta Command Center.


To map Active Directory (AD) groups and roles to Lumeta organizations, here's the process.

Prerequisites

  1. Ensure that Groups and Users have already been set up in an Active Directory (AD) server before beginning this procedure. See https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal to learn how. 

  2. Find out the credentials to your organization's AD server. Here are the types of information you'll need and an example of most (We've masked the name of the Active Directory server):


Active Direction Configuration & Configuration Options

To configure Active Directory on Lumeta Enterprise Edition:

  1. Identify the Host Name or IP Address of your Command Center.
  2. Use that information to log in to the CLI of your Command Center.


  3. At the command-line prompt, enter authentication ad


  4. These are the available AD Authentication options and their purpose:
    CLI CommandDescription & ExampleLikely Order of Operations
    groupmapping

    Maps an Active Directory group to an Organization in Lumeta Enterprise Edition

    If your Active Directory mapping introduces new Organizations, you will need to create those organizations in the Command Center as follows:

    5
    configure

    Configures an Active Directory authentication server


    1
    netbios

    The netbios is an alias for the hostname used in Active Directory authentication.

    In this example, the hostname of the Command Center is longer than the maximum number of characters allowed, so AD could not be enabled. In cases like these, use the netbios to serve as an alias for a too-long hostname.

    This command would create a hostname on the AD server with the name "TestAD."

    3
    enable/disable

    Enables and disables an AD authentication

    4
    viewconfig

    Displays the current AD configuration



    2
    clearconfig

    Clears the current AD configuration

    optional




Viewing Users in Lumeta

When an AD user logs in to Lumeta, and browses to Settings > Users, users, groups, and organizations to which he has been given rights in the AD server groupings––and only those––are visible.





  • No labels