DevTest Using Resource Groups with LDAP/LDAPs

Article Id: 103175
Status: Published
Updated On: 22-06-2018 14:40
Products:
CA Application Test Service Virtualization CA Continuous Application Insight (PathFinder)
Issue/Introduction:

You should only create Resource Groups for those users that need the limited access.
 
This example of for use of Resource Groups with 3 VSEs with the role of SV Power.

Environment:

Release:
Component: ITKOTF

Resolution:

Create 3 new roles, make a copy of SV Power:
 
SV Power1
SV Power2
SV Power3
 
The Users that need access to only VSE1, give them only SV Power1 role.
The Users that need access to only VSE2, give them only SV Power2 role.
The Users that need access to only VSE3, give them only SV Power3 role.
 
Create 3 Resource Groups:
 
One that contains just VSE1
One that contains just VSE2
One that contains just VSE3.
 
Assign SV Power1 role to Resource Group VSE1.
Assign SV Power2 role to Resource Group VSE2.
Assign SV Power3 role to Resource Group VSE3.
 
In order to have certain users assigned to particular VSEs, you will need to request the 3 additional groupDNs created in your Active Directory and make sure they are removed from the GroupDN that has access to all VSEs.
 
Add the new roles to the ldap-mappings.xml file.
 
Example, the new roles are added at the end:
 
<mapping role="Super User">
    <groupDN>cn=superadmins,ou=groups,dc=example,dc=com</groupDN>           
</mapping>
<mapping role="DevTest Administrator">
    <groupDN>cn=devadmins,ou=groups,dc=example,dc=com</groupDN>
</mapping>
<mapping role="Test Administrator">
   <groupDN>cn=testadmins,ou=groups,dc=example,dc=com</groupDN>           
</mapping>
<mapping role="System Administration">
    <groupDN>cn=sysadmins,ou=groups,dc=example,dc=com</groupDN>
</mapping>
<mapping role="PF Power">
   <groupDN>cn=pfadmins,ou=groups,dc=example,dc=com</groupDN> 
</mapping>
<mapping role="SV Power">
    <groupDN>cn=svadmins,ou=groups,dc=example,dc=com</groupDN> 
</mapping>
<mapping role="Test Power">
   <groupDN>cn=tpadmins,ou=groups,dc=example,dc=com</groupDN> 
</mapping>
<mapping role="Runtime">
    <groupDN>cn=rtadmins,ou=groups,dc=example,dc=com</groupDN>  
</mapping>
<mapping role="Test Runner">
    <groupDN>cn=tradmins,ou=groups,dc=example,dc=com</groupDN>  
</mapping>
<mapping role="Test Observer">
    <groupDN>cn=toadmins,ou=groups,dc=example,dc=com</groupDN>
</mapping>
<mapping role="Load Tester">
     <groupDN>cn=ltadmins,ou=groups,dc=example,dc=com</groupDN> 
</mapping>
<mapping role="User">
     <groupDN>cn=users,ou=groups,dc=example,dc=com</groupDN>
</mapping>
<mapping role="Guest">
    <groupDN>cn=guests,ou=groups,dc=example,dc=com</groupDN>
</mapping>
<mapping role="SV Power1">
    <groupDN>cn=sv1admins,ou=groups,dc=example,dc=com</groupDN>           
</mapping>
<mapping role="SV Power2">
    <groupDN>cn=sv2admins,ou=groups,dc=example,dc=com</groupDN>           
</mapping>
<mapping role="SV Power3">
    <groupDN>cn=sv3admins,ou=groups,dc=example,dc=com</groupDN>           
</mapping>
 
Users can then log in to the Portal or Workstation and have access to only the resources they need to have access to.