Administering › Security › Access Control (ACL) › Authorize Users Authenticated by LDAP

Authorize Users Authenticated by LDAP

When you configure ACL to user LDAP, you specify a default role with the following setting:

lisa.acl.ldap.lisaDefaultRole

The default role that is assigned to a user that is added to the DevTest database after being successfully authenticated. If you do not include this property, the default role is Guest.

When a user logs in with valid LDAP credentials, LDAP authenticates the user and if the user does not exist in the DevTest database, a row is automatically added to the database. The row includes the user ID and the role that is currently specified for lisa.acl.ldap.lisaDefaultRole.

There are thirteen roles. You could, for example, set the default role to Runtime. When each user logs onto any DevTest UI or CLI the first time, a row is added to the DevTest Users table with their User ID and the default role.

To update the DevTest Users table by making individual role assignments

1. Ask all DevTest users to log in to DevTest Solutions and then log out.
2. Browse to the DevTest Console and log in.

   http://hostname:1505
   

3. Click Server Console and then click the Administrative tab in the left navigation pane.
4. Click Users.

   The DevTest Users table opens.

5. For each user, clear the default role and select the appropriate role.
6. (Optional) To view permissions for a role in the right pane of the User Details dialog, click the Show User Details icon and click the role name.
7. Click Save.

To update the DevTest Users table automatically

1. Set the default to a given role.
2. Ask all users to whom you want to assign that role to log in to DevTest Solutions and then log out.
3. Change the default to another role.
4. Ask all users to whom you want to assign that role to log in to DevTest Solutions and then log out.
5. Repeat Steps 3 and 4 for each role.