3 Replies Latest reply on Sep 27, 2011 1:09 PM by Bill Robinson

    "Mapping" BL Roles to AD groups

    William L. Thomas, Jr.

      Using AD/Kerberos authentication and synchronizing users, is there a way that BL Role "membership" can be controlled by Active Directory group membership?


      For example, I have users Joe@mydomain.com and Mary@mydomain.com in Active Directory. Joe@mydomain.com is a member of the AD group "Developers" and Mary@mydomain.com is a member of the AD group "Testers". I also have the BL Roles "Developers" and "Testers" in BladeLogic. Is there a way to configure AD/Kerberos authentication so that when Joe@domain.com logs in to BladeLogic he is automatically given the "Developers" BL Role and when Mary@mydomain.com logs in she is automatically given the "Testers" BL Role?


      More, can this be configured that when provisioning new users with BladeLogic access all I would need to do is place them in the the appropriate AD group and they will automatically be provisioned in the appropriate BL group?


      I thought I have seen a BL script that queries AD group membership and places users in the "corresponding" BL group but I cannot find any reference to it now. Can anyone help?