Imperva Cyber Community

  • 1.  DAM Users & Permissions

    Posted yesterday
    Edited by Larry Ho yesterday

    Hi Community..

    I have a use case to create a role for an LDAP group of people who will only have access to the "Users & Permissions" tab in the DAM MX GUI.

    Here is what I have done:

    • Create a Role in Admin --> Users & Permissions
    • Assign all permissions in the Permissions tab
    • Checked "Users & Permissions" in Navigation tab
    • In Global Settings, checked "The user is authorized to perform Activate Settings unconditionally."
    • Create External Role and assign the above Role to the LDAP group
    • Logged in using an account from this LDAP group

    However, I am unable to create users. Am I missing any steps?


    #DatabaseActivityMonitoring

    ------------------------------
    Larry Ho
    Presales
    M.Tech Products Pte Ltd
    Singapore
    ------------------------------



  • 2.  RE: DAM Users & Permissions

    Posted yesterday

    Hi Larry Ho,

    Once external roles have been created, external system users that were not defined as SecureSphere users can log in to SecureSphere. In that case, all the Active Directory users that are members of the Active Directory group for which you define external roles can log in to SecureSphere.

    When such an Active Directory user attempts to log in, SecureSphere connects to Active Directory and searches for that user. If this user is authenticated in Active Directory and there is an external role in SecureSphere for that Active Directory user group, then this user is successfully logged into SecureSphere with the Active Directory user name and is added as an External User. This user receives all the permissions granted to all matching external roles. This configuration is consistent throughout the Active Directory - SecureSphere session.

    To troubleshoot the current access issues, could you please confirm that the following items are configured in your Imperva DAM environment:

    1. LDAP Configuration Verification

    In the Admin workspace, navigate to System Definitions > Authentication & Authorization Configuration and verify:

    • The User Authentication method is set to include your external LDAP/AD system.
    • The specific LDAP server is correctly defined and the connection test is successful.

    2. Role Mapping
    • Ensure the assigned Role has the Manage Users permission enabled under the Permissions tab to allow the creation of new users.


    ------------------------------
    Regards,
    Mitesh Mehta
    Senior Security Consultant
    Mumbai
    ------------------------------



  • 3.  RE: DAM Users & Permissions

    Posted yesterday

    Hi Mitesh,

    Yes, the LDAP integration is working and I am able to do the Test Connection.

    For the "Manage Users" permission, can you enlighten me as to where it is? Because I can only see these



    ------------------------------
    Larry Ho
    Presales
    M.Tech Products Pte Ltd
    Singapore
    ------------------------------



  • 4.  RE: DAM Users & Permissions

    Posted yesterday

    Hi Larry Ho,

    To configure navigation permissions:

    1. In the Admin workspace, select Users and Permissions.
    2. In the Users & Roles pane, expand the Users category, then select the user or role to whom you want to assign navigation permissions. The user permissions of the selected user are displayed in the details pane. In the case of roles, only the Access column appears.
    3. Click the Navigation tab. The relevant GUI windows categories and screens, together with their options, appear.

    You can expand one or more categories to view the precise GUI windows of those categories.

    4. To enable or disable permissions for any category or GUI window, check the appropriate options.
    5. Click Save. Your settings are saved.



    ------------------------------
    Regards,
    Mitesh Mehta
    Senior Security Consultant
    Mumbai
    ------------------------------