I am trying to add LDAP User Groups to specific Gateway Roles, for instance the LDAP Group "CA_ADMIN" to the Gateway Role "Administrator", to be able to log in with all the LDAP users who are members of the "CA_ADMIN" LDAP Group.
How can I achieve this?
When I try to log in with a user who is a member of the "CA_ADMIN" Group, I get the error "Invalid Username/Password".
What is already configured/tried:
Two Identity Providers, one with an LDAP search base for the LDAP groups and one with a search base to get users.
The providers are mapping all the attributes except the certificate from the LDAP users (I removed the mapping of the certificate, otherwise a login without a client certificate was not possible anymore).
Searching both providers works: the users contain the data mapped correctly, and the groups contain the specific users and also the data mapped correctly.
I add the LDAP Role "CA_ADMIN" to the CA Administrator Role through the menu:
Task -> Users and Authentication -> Manage Roles
selecting Administrator and adding the LDAP Group (CA_ADMIN) to the Assignments.
If I add the specific LDAP users to the CA Administrator Role, then I can log in to the Gateway with the LDAP users.