External Authentication User Groups
Identifying User Group Memberships from User Management Technology Such as Active Directory, LDAP and SAML
An 'external group' is a User Group that is managed outside of the SmartIQ Environment, typically by Active Directory, LDAP and SAML identity management systems. Like Internal groups it is possible for SmartIQ User Administrators to create them from Manage however subscription (or removal) to the group cannot happen in SmartIQ, control of that is up the identity management system to which SmartIQ relies upon.
Installation and Configuration of Authentication Extensions
Environments where user management is managed by an external Identity Provider need external group(s) configured before the provider is configured so that when the first user (usually a server administrator) attempts to access SmartIQ they will have appropriate access to make further changes.
For new installations it is recommend that a test group be identified that has full Global Administrator permission in SmartIQto be able to test connectivity before making more specific selections.
How to Create an External Group
-
Create a new group or identify an existing group in your Identity management System that will be used to setup and configure authentication settings.
-
Login to SmartIQ Manage (for new installations this will be via forms authenticated, usually the admin/admin account).
-
Navigate to Groups and click New Group.
-
Enter the group name. This name must be an exact match with your system.
-
Check the External Group box.
-
Select the appropriate roles for the group. Members of this group will automatically receive these roles.
-
Click Save.
Updated almost 4 years ago