Hi Claudio, Yes, you should be able to accomplish this by putting the highest level group you want authorized (in this case, Group B) as the target. There is more information available in the Admin Guide [1]. I think the important setting for this case is Group Search Scope, which would likely need to be set to “SUBTREE”. More information on nested LDAP groups here [2].
[1] https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#ldapusergroupprovider <https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#ldapusergroupprovider> [2] https://stackoverflow.com/a/5135252/70465 <https://stackoverflow.com/a/5135252/70465> Andy LoPresto alopre...@apache.org alopresto.apa...@gmail.com He/Him PGP Fingerprint: 70EC B3E5 98A6 5A3F D3C4 BACE 3C6E F65B 2F7D EF69 > On May 7, 2020, at 11:18 AM, Lombardo, Claudio <cmlomba...@ucsd.edu.INVALID> > wrote: > > Hello there. > > I was wondering if NIFI supports nested groups for authorization. > > Basically, if a user is a member of Group A and group A is a member of Group > B, is it possible to have NIFI authorize group B, which only contains another > group (group A)? > > Thank you, > Claudio > > Claudio M. Lombardo > Sr. Enterprise Platforms Engineer > Application Platforms > Information Technology Services > > UC San Diego > cmlomba...@ucsd.edu
