AWX SAML Configuration

Prasad_Shetty · September 10, 2020, 4:31am

Hello Everyone-

I was trying to setup a SAML team map in AWX . I am able to achieve the same using LDAP but in SAML it bit confusing. Could you please help me on the same. If anyone already configured. Please share the real example configuration for my reference.

SAML ORGANIZATION ATTRIBUTE MAPPING
SAML TEAM MAP
SAML TEAM ATTRIBUTE MAPPING

Raju_Das · September 10, 2020, 5:20am

Hi,

Please find Redhat Doc if it helps…

Mapping between organization admins/users and LDAP groups

The org mapping parameters controls what users are placed into what Tower organizations relative to their LDAP group
memberships. Some things to note:

Keys are organization names.
Organizations will be created if not present.
Values are dictionaries defining the options for each organization’s membership.
For each organization it is possible to specify what groups are automatically users of the organization and also what
groups can administer the organization.
- admins: None, True/False, string or list/tuple of strings.
  - If None, organization admins will not be updated based on LDAP values.
  - If True, all users in LDAP will automatically be added as admins of the organization.
  - If False, no LDAP users will be automatically added as admins of the organiation.
  - If a string or list of strings, specifies the group DN(s) that will be added of the organization if they match any of the specified groups.
- remove_admins: True/False. Defaults to True.
  - If True, a user who is not an member of the given groups will be removed from the organization’s administrative list.
- users: None, True/False, string or list/tuple of strings. Same rules apply as for admins.
- remove_users: True/False. Defaults to True. Same rules as apply for remove_admins

Here is an example input for Organization mapping:

{
    "Test Org": {
        "admins": "CN=Domain Admins,CN=Users,DC=example,DC=com",
        "users": ["CN=Domain Users,CN=Users,DC=example,DC=com"],
        "remove_users" : "True",
        "remove_admins" : "True"
    },
    "Test Org 2": {
        "admins": ["CN=Administrators,CN=Builtin,DC=example,DC=com"],
        "users": "True",
        "remove_users" : "True",
        "remove_admins" : "True"
    }
}

Prasad_Shetty · September 10, 2020, 5:12pm

Thank you Raju
I am currently using LDAP mapping and it is working fine.I was looking very specifically SAML mapping options.

Topic		Replies	Views
Organization, Team and Role Mapping from SAML using AD groups Get Help awx	0	47	August 5, 2024
AWX 19.2.0 cant map LDAP groups as org admin AWX Project awx	1	1	July 12, 2021
SAML Team Mapping AWX Project awx	1	1	June 25, 2019
Assign specific admin in LDAP organization mapping. AWX Project awx	0	1	November 18, 2018
AWX SAML Organization/Team/Group mapping guide. AWX Project awx	0	0	November 8, 2019

AWX SAML Configuration

Related topics