Failing to Assign Rancher Administrator role to OpenLDAP group

vyhnguyen · May 12, 2020, 3:59pm

Please see https://github.com/rancher/rancher/issues/27045

The goal is to assign Rancher global Administrator role to an OpenLDAP group so that all users/members in that specific LDAP Group can access Rancher UI with admin privileges.

I follow the instruction from this https://rancher.com/docs/rancher/v2.x/en/admin-settings/rbac/global-permissions/#assigning-a-custom-global-permission-to-a-group - Configuring Global Permissions for Groups.

I have OpenLDAP authentication enabled in Rancher 2.4.3. I have rancher-admin OpenLDAP group that I assign the Rancher global Administrator role (in addition to Standard User role). As a user/member of the “rancher-admin” group, I should be able to login to Rancher UI with admin access. However, that’s not the case. It appears I only have Standard User permission since I do not see any resources (clusters, projects, etc.).

Thank you.

vyhnguyen · May 13, 2020, 8:50pm

I no longer have the issue after I updated the configuration for Users and Groups attributes base on these 2 links:

Thank you.

Topic		Replies	Views
Role assignment to LDAP users in Rancher 2.6 Rancher	1	385	March 7, 2022
OpenLDAP Groups not working as expected in Rancher 1.4 Rancher 1.x	1	732	February 15, 2017
How to mapping Rancher environment roles and ldap groups Rancher 1.x	4	3455	July 26, 2016
Access control wth openldap Rancher 1.x	1	1507	July 12, 2016
[API] How grant admin access level to openldap user/group? Rancher 1.x	0	712	May 30, 2017

Failing to Assign Rancher Administrator role to OpenLDAP group

Related Topics