Glad to hear it! If your company uses AD for authentication, then using AD groups will make it nice and easy to automatically assign roles to users via AD group membership.
The second part of my email was about that topic. Once LDAP is configured, navigate to the LDAP Group Mapping tab where you should see a list of all your AD groups. Simply use the pull down beside the appropriate groups to assign the Graylog role to the group. One point to note is make sure your users are members of only one Graylog related group. Some applications/systems don't work well when a user is mapped to multiple groups that it uses for authentication and this can cause unexpected results. I'm not sure if Graylog has issues with this or not but it's safer just to ensure each user is a member of one group only that's used for Graylog LDAP group mapping. Hope that answers your question. Cheers, Pete On Wednesday, 3 August 2016 08:57:24 UTC+10, Joshua Walderbach wrote: > > Ok I got it to work, I can log in as a domain user. However editing my > user to be Admin doesn't stick. I see it wants me to bind AD Groups to > Graylog Roles. Can you point me in the right direction there? > > On Tue, Aug 2, 2016 at 4:11 PM, Pete GS <[email protected] <javascript:>> > wrote: > >> Hmmmm seems my updates to my fields didn't get saved for some reason. >> >> Simply substitute the distinguished name "dc=company,dc=corp" for >> "dc=lab,dc=melbourneit,dc=com". >> >> All else should stay the same. >> >> Cheers, Pete >> >> On Wednesday, 3 August 2016 06:08:11 UTC+10, Joshua Walderbach wrote: >>> >>> I need help getting the correct Search Base DN, User Search Pattern, and >>> Group Mapping variables in Graylog 2.x. I'm using Active Directory and >>> after entering information into step 1., Test Server Connection is OK. In >>> my domain, company.corp, there is a OU called Roles and in that a Group >>> called Graylog. I've assigned users to the Group. I've tried several >>> different combinations and unable to get anything to work when I run a >>> Login test. Fails to connect or find user. >>> >>> Would anyone be so kind to explain what I need to do here? AD is a >>> major weak spot for me. Working on that. >>> >>> >>> >>> >>> <https://lh3.googleusercontent.com/-dtCxwuC6JA0/V6D9QFpfAWI/AAAAAAAAARo/KxXlH6cFqlIc6urPaQJXGeTtfhCuLPKvgCLcB/s1600/Screenshot%2Bfrom%2B2016-08-02%2B14-06-10.png> >>> >>> -- >> You received this message because you are subscribed to a topic in the >> Google Groups "Graylog Users" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/graylog2/5LG1b_2a5AU/unsubscribe. >> To unsubscribe from this group and all its topics, send an email to >> [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/graylog2/22fa0696-13fb-4e17-8470-52e00912ad78%40googlegroups.com >> >> <https://groups.google.com/d/msgid/graylog2/22fa0696-13fb-4e17-8470-52e00912ad78%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > > > -- > > > > joshua walderbach | OPERATIONS ENGINEER | 303.495.6980 x732 > > > > > <http://influence.tv/> > > 3457 RINGSBY CT, #111 | DENVER, CO 80216 > WWW.INFLUENCE.TV <http://www.influence.tv/> | EMAIL PRIVACY POLICY > <http://influence.tv/cdn/disclaimers/email-privacy.html> > > <http://www.facebook.com/wedeliverwow> <https://twitter.com/wedeliverwow> > <http://wow-u.tv/185dZdn> <http://wow-u.tv/16UFXrM> > <http://pinterest.com/wedeliverwow> > > WE ARE A TRIBE > We believe we can significantly impact the quality of life and aliveness > on the planet with technology. > As such, we will be relentless in delivering “WOW” technology solutions to > the world that are elegantly > simple, game-changing to entire industries, *and* impactful to the > quality of millions of people’s lives. > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/e42e7801-ba95-4179-a581-88911590eecd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
