The admin guide should cover most of the scenarios: https://nifi.apache.org/docs/nifi-docs/html/administration-guide.html#ldap-based-usersgroups-referencing-user-dn
On Tue, Dec 14, 2021 at 12:53 PM Michael Radov (RIT Alumni) <[email protected]> wrote: > > Bryan, > > Thank you very much! After setting the ldap-provider information in the > logion-identity-providers.xml and the LDAP Group Provider in the > authorizers.xml, one would use the authorizers.xml file to load the user > groups. There wont be a need to use the files to be a User Group Provider if > I am using just LDAP. Is there a guide that one can use for creating > file-based policy provider information in the authorizations.xml file? > > Best, > Mike R > > On Tue, Dec 14, 2021 at 12:14 PM Bryan Bende <[email protected]> wrote: >> >> CAUTION: This message is from an off campus source. Access to web links will >> be filtered (by proxy) for additional protection. Click with caution. >> CAUTION: This message came from outside RIT. If you are unsure about the >> source or content of this message, please contact the RIT Service Center at >> 585-475-5000 or help.rit.edu before clicking links, opening attachments or >> responding. >> >> >> Hello, >> >> The standard authorizer is composed of a user-group-provider and a >> policy-provider. The LDAP user-group-provider can be be used to load >> groups from LDAP, but you still need to define policies on them which >> would be through a policy-provider, most likely the File-based >> policy-provider which stores policies in authorizations.xml. >> >> Thanks, >> >> Bryan >> >> On Tue, Dec 14, 2021 at 10:02 AM Michael Radov (RIT Alumni) >> <[email protected]> wrote: >> > >> > Hey, >> > >> > I am looking to see if there is a way to get NiFi to read directly from >> > LDAP Groups. If this were the case, I would use the User Groupo Provider to >> > ldap-user-group-provider. However, would one still need to use an >> > authorizations file? >> > >> > I was reading through the work that Pierre Villard did on LDAP Group >> > Authentication and authorization >> > <https://pierrevillard.com/2017/12/22/authorizations-with-ldap-synchronization-in-apache-nifi-1-4/> >> > using >> > NiFi in a similar way and wanted to know if the file user group provider >> > was necessary? >> > >> > Best, >> > Mike R
