Access to Portal, Enterprise Dashboard and Virtual Catalog for default role set in IAM for Users not in any LDAP Groups
Article ID: 190192
Updated On:
Products
CA Application Test
Service Virtualization
Issue/Introduction
Our case is when we have a user that not part of any specific group or group to role mapping definition.
As a result when the user logs in will get the default role defined in the user federation. NT Guest in our case.
But the user will not have Dashboard User of Service Catalog User roles, thus the user cannot access Dashboard or Catalog portals.
How can we, as part of the user federation, grant more than one default roles.
Environment
All supported DevTest releases.
Cause
N/A
Resolution
This is the only way to accomplish this:
From IAM:
1. Remove the Default Role value from the Setting tab in User Federation.
2. Save.
3. Choose Users under the Manage section.
4. In the Search field put in a user that is in LDAP but have no groups and click the magnifying glass icon.
5. When the user displays, click Edit by their name.
6. Choose the Role Mappings tab.
7. Assign these roles to the user: NT_Guest, Enterprise Dashboard User and Virtual Service Catalog User.
Currently we only allow one Default Role, not multiple for a user.
From IAM:
1. Remove the Default Role value from the Setting tab in User Federation.
2. Save.
3. Choose Users under the Manage section.
4. In the Search field put in a user that is in LDAP but have no groups and click the magnifying glass icon.
5. When the user displays, click Edit by their name.
6. Choose the Role Mappings tab.
7. Assign these roles to the user: NT_Guest, Enterprise Dashboard User and Virtual Service Catalog User.
Currently we only allow one Default Role, not multiple for a user.
Additional Information
Suggest opening a support case to request an enhancement of having multiple Default Roles.
Feedback
Yes
No
Powered by
