Nested ldap group

:bulb: Idea Name

We have 2 locations US and EU.

Only dev_us users can log in to kibana US

Only dev_eu users can join kibana EU

The EU crashes crash and US users should be able to login to Kibana EU.

To do this, we make the dev_us group nested within the dev_eu group.

dev_eu

|->dev_us

And dev_us users can login to kibana EU.

:eyes: Example

"dev_us":[ "billie" ]
dev_EU: [
  "anne",
   "dev_us"
]

ROR in kibana EU:
access only[“dev_EU”]

That is, we have large nested groups. And usually it is enough for a person to put Senior_developers_grp in order to understand that he is also included in developer_grp. Now we have to indicate that the person is in developer_grp and Senior_developers_grp, as nesting does not work.

I hope I managed to explain?

:rocket: Let’s do this?

  • 1
  • 2
  • 3
  • 4
  • 5

0 voters

So I assume when a user in a nested group logs in, we resolve two groups, i.e. solution a) from previous topic ?

Yes everything is correct.
I want to note that in the ROR configuration, if you look at the previous post, the senior_developers_grp group is not specified.
It is indicated that only develpers_grp has access

1 Like