Not an issue, but a feature request for next versions:
It would be great if support to LDAP groups is added to Graylog.
Example: I have my user, it's part of the group 'group1'.
On the stream, I add that everybody on the group 'group1' have the view of that stream, so I don't need to add manually a user to a stream when it joins a new group (a development group, as an example).
And thanks for the hard work guys, the software is amazing!!
The text was updated successfully, but these errors were encountered:
- add /system/ldap/settings/groups endpoints for managing the mapping - correctly resolve a user's roles to permissions when retrieving the user (so that the web interface gets the correct set of permissions) - some cleanup regarding bindings - add new permissions for reading/editing ldap group mappings, which can be done independently of configuring ldap system settings - group mapping uses the objectid of roles, not their names, so they work correct after role renames issue #1321 #951
ensure the Reader and Admin roles are always present during start - reader role does not contain the user-specific permissions needed to edit and change the password of the current user, these need to be set during user creation in that entity - admin is simply "*" both built-in roles cannot be edited/deleted or otherwise changed. fixes missing description when creating a role issue #1321 #951
…g it to objectClass previously we only allowed to filter for objectClass, which could be problematic if LDAP contained thousands of groups. this lets the user specify an arbitrary filter for looking up the relevant groups #951