Currently we have a working LDAP connection to our AD but we import users manually and remove them manually when access should be stopped.
This is a certain administration effort, the only advantage is that users can user their AD credentials to authenticate.
Target is to manage user access to Centreon only in AD, e.g.,
- all members of the AD group Group_A should be member of a certain Centreon contact group, e.g. “Admin”
- all members of the D group Group_B should be member of a certain Centreon contact group, e.g. “ReadUsers”
- …
When a user has been removed from the corresponding AD group access to Centreon should be removed automatically.
Long story short: Centreon access rights should be managed fully in AD without need to manage users in Centreon.
Is this possible?
Official documentation is not very helpful (https://docs.centreon.com/docs/administration/parameters/ldap/).
For me this seems to be the standard how authorization should work.
I searched in TheWatch as well but I did not found a solution.
Could you please help?