You can translate the question and the replies:

user privileges and roles within LDAP authentication

We have configured LDAP authentication under which the users within a particular distribution list can access denodo with the roles associated to the distribution list. eg: A distribution list having privilege of 'read' contains 'n' users over 'm' databases. Can the users have different roles and privileges over databases and in particular at folder level under the LDAP scheme? How can we provide users exclusive roles to users under a distribution list over different databases at folder level.
user
12-04-2019 12:15:02 -0400
code

1 Answer

Hi, Yes, the users can have different roles and privileges over the databases with LDAP authentication. If you want to assign different paths for LDAP groups then you can enter more than one “Role base” by clicking on the button beside the “Role base” box. The LDAP query formed with the “Role search” pattern will be executed in every “Role base” scope. If you want to have privileges on folder level access you can configure privileges over specific views/stored procedures/data sources/web services/widgets of a database, click on edit to display the “Advanced privileges” dialog. This dialog lists the views, procedures, data sources, web services and widgets of the database and for each one, you can select the appropriate checkbox to give the user privileges over a views/stored procedures/data sources/web services/widgets procedure You can also grant privileges view per view. You can also assign a privilege over all the elements of a folder. To do this, right-click the folder, click Select on all folder elements and then, Execute privilege, Write privilege, etc. Virtual DataPort manages the privileges of the views/stored procedures/data sources/web services/widgets individually and not by folder. Therefore, if, after granting a privilege over all the elements of a folder, you add an element to the folder, you have to grant this privilege to this element. Otherwise, the user will not have any privilege over this element. For more information you can refer the following links: https://community.denodo.com/docs/html/browse/7.0/vdp/administration/databases_users_and_access_rights_in_virtual_dataport/administration_of_databases_users_roles_and_their_access_rights/creating_databases#creating-a-database-with-ldap-authentication https://community.denodo.com/docs/html/browse/7.0/vdp/administration/databases_users_and_access_rights_in_virtual_dataport/administration_of_databases_users_roles_and_their_access_rights/modifying_and_deleting_users#modifying-the-privileges-of-a-user Hope this helps!
Denodo Team
18-04-2019 20:43:18 -0400
code
You must sign in to add an answer. If you do not have an account, you can register here