Active Directory - Set up Role Mappings

From Fusion Registry Wiki
Revision as of 09:24, 28 October 2020 by Vmurrell (talk | contribs)
Jump to navigation Jump to search

Overview

If you are using Active Directory as the Authentication Service you will need to access the Role Mapping menu from the Admin-> Server Security page in order to map the Organisations you have set up in Fusion Registry to the Groups and users that you have created in Active Directory.

Example

In this very simple example the following has taken place.

Server Security General Settings

The registry has been fully locked-down so only authorised users are able to login. You can read more about the general concepts of Security in Fusion Registry in this article.


VMSS1.PNG

Active Directory

3 Groups have been created, one for each type of user:

  • Agency
  • Data Provider
  • Data Consumer

7 Users have been created. Game of Thrones is the Agency, John, Cersei and Doran are Data Providers and Baylon, Edmure and Olenna are Data Consumers. Each of the users is a member of the appropriate group.


VMSS2.PNG

Fusion Registry

In the Organisations area of Fusion Registry, again 7 records exist, the Agency, the 3 Data Providers and the 3 Data Consumers.


VMSS3.PNG


Role Mapping

The Role Mapping page is where you specify which Groups in AD map to which Organisations in Fusion Registry. At the moment this page is somewhat un-intuitive (which we plan to address in a future release) but if you follow the steps below your mapping will succeed.


VMSS4.PNG


Map the Agency

In the Role Mappings page, click the Add Mapping button. The Role Mapping modal will appear and display all the Organisations in the Registry.


VMSS5.PNG

In the field AD Role, enter the Group Name exactly as it appear in AD and then select the Agency as shown in the image below.


VMSS6.PNG

Click Assign to return to the Role Mapping page.

Map the Data Providers

Again, click the Add Mapping button and enter the AD Group Name but this time you can click all three Data Providers as shown on the example below.


VMSS7.PNG

Map the Data Consumers

Click all the Data Consumers.


VMSS8.PNG


Results

Having create the 3 mappings the Role Mappings Page will display a line for each Organisation (