Thank you Raju
I am currently using LDAP mapping and it is working fine.I was looking very
specifically SAML mapping options.
On Thu, 10 Sep, 2020, 10:50 am Raju Das, <linuxaddictr...@gmail.com> wrote:
> Hi,
>
> Please find Redhat Doc if it helps.......
>
> Mapping between organization admins/users and LDAP groups
>
> The org mapping parameters controls what users are placed into what Tower
> organizations relative to their LDAP group
> memberships. Some things to note:
>
> - Keys are organization names.
> - Organizations will be created if not present.
> - Values are dictionaries defining the options for each organization's
> membership.
> - For each organization it is possible to specify what groups are
> automatically users of the organization and also what
> groups can administer the organization.
>
> - admins: None, True/False, string or list/tuple of strings.
> - If None, organization admins will not be updated based on LDAP
> values.
> - If True, all users in LDAP will automatically be added as
> admins of the organization.
> - If False, no LDAP users will be automatically added as admins
> of the organiation.
> - If a string or list of strings, specifies the group DN(s) that
> will be added of the organization if they match any of the specified
> groups.
> - remove_admins: True/False. Defaults to True.
> - If True, a user who is not an member of the given groups will
> be removed from the organization's administrative list.
> - users: None, True/False, string or list/tuple of strings. Same
> rules apply as for admins.
> - remove_users: True/False. Defaults to True. Same rules as apply
> for remove_admins
>
> Here is an example input for Organization mapping:
>
> {
> "Test Org": {
> "admins": "CN=Domain Admins,CN=Users,DC=example,DC=com",
> "users": ["CN=Domain Users,CN=Users,DC=example,DC=com"],
> "remove_users" : "True",
> "remove_admins" : "True"
> },
> "Test Org 2": {
> "admins": ["CN=Administrators,CN=Builtin,DC=example,DC=com"],
> "users": "True",
> "remove_users" : "True",
> "remove_admins" : "True"
> }
> }
>
> Mapping between team members (users) and LDAP groups.
>
> The team mapping parameters controls what users are placed into what Tower
> teams relative to their LDAP group
> memberships. Some things to note:
>
> - Keys are team names (will be created if not present).
> - Values are dictionaries of options for each team's membership, where
> each can contain the following parameters:
> - organization: string. The name of the organization to which the team
> belongs. The team will be created if the combination of organization and team
> name does not exist. The organization will first be created if it does not
> exist.
> - users: None, True/False, string or list/tuple of strings.
> - If None, team members will not be updated.
> - If True/False, all LDAP users will be added/removed as team
> members.
> - If a string or list of strings, specifies the group DN(s). User
> will be added as a team member if the user is a member of ANY of these groups.
> - remove: True/False. Defaults to False. If True, a user who is not a
> member of the given groups will be removed from the team.
>
> Here is an example input for Team mapping:
>
> {
> "My Team": {
> "organization": "Test Org",
> "users": ["CN=Domain Users,CN=Users,DC=example,DC=com"],
> "remove": "True"
> },
> "Other Team": {
> "organization": "Test Org 2",
> "users": "CN=Other Users,CN=Users,DC=example,DC=com",
> "remove": "False"
> }
> }
>
> With Regards
>
> Raju Das
>
>
>
> On Thu, Sep 10, 2020 at 10:02 AM Prasad Shetty <prash...@gmail.com> wrote:
>
>> Hello Everyone-
>>
>> I was trying to setup a SAML team map in AWX . I am able to achieve the
>> same using LDAP but in SAML it bit confusing. Could you please help me on
>> the same. If anyone already configured. Please share the real example
>> configuration for my reference.
>>
>>
>> SAML ORGANIZATION ATTRIBUTE MAPPING
>> SAML TEAM MAP
>> SAML TEAM ATTRIBUTE MAPPING
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Ansible Project" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to ansible-project+unsubscr...@googlegroups.com.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/ansible-project/CAKG6amcUQY%2BKrFtjLvS4anrLdN2pPe2DGstoWgyNKQB9e0OCGA%40mail.gmail.com
>> <https://groups.google.com/d/msgid/ansible-project/CAKG6amcUQY%2BKrFtjLvS4anrLdN2pPe2DGstoWgyNKQB9e0OCGA%40mail.gmail.com?utm_medium=email&utm_source=footer>
>> .
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Ansible Project" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to ansible-project+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/ansible-project/CAApSnDCV3OgoyQVo783MVjzebG22fAFBKXCvPVgmiV%2BnLSRX3Q%40mail.gmail.com
> <https://groups.google.com/d/msgid/ansible-project/CAApSnDCV3OgoyQVo783MVjzebG22fAFBKXCvPVgmiV%2BnLSRX3Q%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
--
You received this message because you are subscribed to the Google Groups
"Ansible Project" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to ansible-project+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/ansible-project/CAKG6amfN4BynG9EqAsOsfc9_3K-DB7_F8z%3DBo2UjGfY-GYupXw%40mail.gmail.com.
