search cancel

Access to Portal, Enterprise Dashboard and Virtual Catalog for default role set in IAM for Users not in any LDAP Groups

book

Article ID: 190192

calendar_today

Updated On:

Products

CA Application Test Service Virtualization

Issue/Introduction

Our case is when we have a user that not part of any specific group or group to role mapping definition.

As a result when the user logs in will get the default role defined in the user federation. NT Guest in our case.

But the user will not have Dashboard User of Service Catalog User roles, thus the user cannot access Dashboard or Catalog portals.

 

How can we, as part of the user federation, grant more than one default roles.

 

Environment

All supported DevTest releases.

Cause

N/A

Resolution

This is the only way to accomplish this:

From IAM:

1. Remove the Default Role value from the Setting tab in User Federation.
2. Save.
3. Choose Users under the Manage section.
4. In the Search field put in a user that is in LDAP but have no groups and click the magnifying glass icon.
5. When the user displays, click Edit by their name.
6. Choose the Role Mappings tab.
7. Assign these roles to the user: NT_Guest, Enterprise Dashboard User and Virtual Service Catalog User.

Currently we only allow one Default Role, not multiple for a user.

Additional Information

Suggest opening a support case to request an enhancement of having multiple Default Roles.