Adding Roles for LDAP Users and Groups
DataStax Enterprise supports using LDAP for authentication or role management, or both.
All permissions granted to roles that reflect LDAP groups to which the user belongs – directly or indirectly – are inherited. The inherited permissions include login permission, scheme permissions, proxy execution permissions, and object permissions.
- Adding roles for LDAP logins
Assigns a DSE role by matching the username provided for authentication (1-1 mapping).
- Adding roles for LDAP groups
Assign roles by matching the user’s LDAP group names to DSE role names.