Sec/User Mgmt: Step 2: Map User Roles to External Groups

Document created by RSA Information Design and Development on Jul 28, 2016
Version 1Show Document
  • View in full screen mode
 

In Security Analytics, external groups derive permissions for various modules and views from Security Analytics user roles, which have permissions assigned to them. To provide access to an external group, map user roles to it. To modify an external group's access, edit the roles mapped to it. Add and delete roles until the external group has the necessary access. Changes take effect immediately.

Prerequisites

In the Settings tab, you must set up a method for external user authentication to make external groups visible to Security Analytics.

Add Role Mapping for an External Group

  1. In the Security Analytics menu, select Administration > Security.
    The Security view is displayed with the Users tab open.
  2. Click the External Group Mapping tab.
  3. In the toolbar, click run_config_add.png.
    The Add Role Mapping dialog for the external authentication method you selected is displayed.
    AddRoleMap_AD.png   AddRoleMap_PAM.png
  4. Click Search and search for an external group name in the Search for External Groups dialog, then select an external group name.
  5. To add roles to the group mapping, click icon_add.png in the Mapped Roles section.
    The Add Role dialog is displayed.
    AddRoleDialog_NoTabs.png
  6. Click the checkbox in the title bar to select all roles, or select roles individually.
  7. To add the roles to the Mapped Roles section in the Add Role Mapping dialog, click Add.
    The dialog closes and the selected roles are displayed in the Mapped Roles section.
  8. If you want to delete roles from the Mapped Roles section, select the roles and click rule_del.png.
  9. When the Add Role Mapping dialog reflects the role mapping that you want to define for the group, click Save.
    The Add Role Mapping dialog closes, and the new role mapping is listed in the External Group Mapping tab grid.

Edit Role Mapping for a Group

  1. In the External Group Mapping action bar, click Edit.
    The Edit Role Mapping dialog is displayed with the group name in the External Group Name field.
  2. To add roles to the mapping, click icon_add.png in the Mapped Roles section.
    The Add Role dialog is displayed.
  3. Click the checkbox in the title bar to select all roles, or select roles individually.
  4. To add the roles to the Mapped Roles section in the Add Role Mapping dialog, click Add.
    The dialog closes, and the selected roles are displayed in the Mapped Roles section.
  5. If you want to delete roles from the Mapped Roles section, select the roles and click rule_del.png.
  6. When the Edit Role Mapping dialog reflects the role mapping that you want to define for the group, click Save.
    The dialog closes, and the edited role mapping is listed in the External Group Mapping tab grid.
You are here: Set Up Public Key Infrastructure (PKI) Authentication > Configure PKI Authentication > Step 2. Map User Roles to External Groups

Attachments

    Outcomes