How to extract an authentication server group 编辑
Citrix Application Delivery Management (ADM) allows you to extract the group of users existing on the external authentication server, and assign them permissions as their role demands and as per the Citrix ADC definitions. This has two advantages:
You do not have to create users on Citrix ADM. Though the groups are extracted into the Citrix ADM server, they are managed on the external servers from the Citrix ADM rather than adding them on the system.
Citrix ADM performs the authorization of users by assigning group permissions to access specific load balancer virtual servers, and for specific applications on the system. In future, when the particular authentication server is removed from the system, the groups and users will be automatically removed from the system.
Configuring groups and assigning group permissions
In Citrix ADM, navigate to System > User Administration > Groups.
Click Add to create a group.
In the Group Settings tab, type the name of the group, set the permissions as admin, readonly, appReadonly, or appAdmin. The other options that you can configure are session timeout, where you can set a timeout limit for the sessions logged in the users of that group, and you can also set the VM instances that can be accessed by the group members.
Note
Make sure that the name of the user group created on Citrix ADM is exactly the same as that created on external authentication servers. If not, the system will not recognize the group and the group members will not be extracted into the system.
In the Authorization Settings tab, you can provide authorization settings for the following four groups:
Instances
Applications
Configuration Templates
StyleBooks
By default, your user can access all the above groups. You can clear the checkboxes and provide selective access for each of these groups.
For example:
You can clear Instances checkbox and select only the required instances that you want to provide access to your users.
Clear All Applications checkbox and select only the required applications and templates. When you add applications to a group in Citrix ADM, you can use regex to search and add the applications that meet the regex criteria for the groups. The users who are bound to these groups can access only those specific applications. The regex expression specified is persisted in Citrix ADM. That is, Citrix ADM allows the regex provided in the Add Regular Expression text box to be stored in the system and dynamically updates the authorization scope whenever new applications meet this regex expression. When new applications are added to the system, Citrix ADM applies the search criteria to the new applications, and the application that meets the criteria is dynamically added to the group. You do not have to manually add the new applications to the group. The applications are updated dynamically in the system, and the respective group users can see the applications under appropriate modules in Citrix ADM.
Clear All Configuration templates checkbox to allow access to only the required templates.
Clear All StyleBooks checkbox and select the required StyleBooks that your user can access.
You can select the required StyleBooks when you create groups and add users to that group. When your user selects the permitted StyleBook, all dependent StyleBooks are also selected. The config packs of that StyleBook are also included in what the user has access to.
When you finish creating a group in the system, all the users in external authentication server are extracted into the system. You can check this by selecting the group and clicking Edit. The Users table in Create System Group displays the list of users connected with the group. You can also assign users to the group in the Assign users tab.
If the group name matches the group name on the external authentication server, the user inherits all of the authorization definitions when logged on to the system.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论