Add roles for LDAP groups

When using LDAP authentication with LDAP role management, Hyper-Converged Database (HCD) assigns the user all the roles that match the LDAP groups of which they are a member. At least one HCD role must have login privileges.

For more information about restricting access to data, see Restrict access to data.

LOGIN: At least one group the user belongs to must have login privileges that allow the user to execute requests.

  1. Bind the assignment to an authentication scheme:

    GRANT EXECUTE on LDAP SCHEME to GROUP_NAME;

    Replace GROUP_NAME with the name of the LDAP group.

Next steps

Assign permissions to the role. For more information, see About Role Based Access Control (RBAC).

Was this helpful?

Give Feedback

How can we improve the documentation?

© 2025 DataStax, an IBM Company | Privacy policy | Terms of use | Manage Privacy Choices

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: +1 (650) 389-6000, info@datastax.com