Reputation: 11
Rundeck ACL based on AD groups
I am going to use Rundeck in production.
While reading docs, I found that users management is based on local ACL files. And AD authentication is available.
My question is: Is it possible to manage users access to Jobs and Nodes by AD groups?
Fox example: AD groups: rundeck_restrat_svcName1, rundeck_restrat_svcName2, ect..
Thanks for any information.
Upvotes: 1
Views: 963
Answers (1)
Reputation: 2050
Yes.. You can do that.
1, Create a jaas configuration file for AD, say jaas-AD.conf at /etc/rundeck folder like this
2, Modify the profile file's two lines.
export RDECK_JVM="-Djava.security.auth.login.config=/etc/rundeck/jaas-AD.conf
-Dloginmodule.name=activedirectory
3,In AD create a new group, say rundeck_users and create an .aclpolicy file to set the ACL. There you have to use group as rundeck_users. You can create .aclpolicy file yml frame by rd-acl binary
Upvotes: 0
Related Questions
- Rundeck ACL to limit LDAP groups to specific projects
- Rundeck Project SCM exportUuidBehavior "original" overwrites my job UUID
- Rundeck Enterprise deployment and testing strategies for jobs/workflows
- Rundeck ACL to hide definition
- How do you Create Groups and Permissions in Django model from Active Directory Groups with django-python3-ldap?
- Rundeck ACL Limit user to only see specific groups in project
- User Group and Role Management in .NET with Active Directory
- Sharepoint like AD authentication restricting access to specific web pages