Lab 2.6: Configure LDAP with BIG-IQ using user groups

Note

Estimated time to complete: 10 minutes

In this lab, we are going to configure LDAP on the BIG-IQ, create a user group and assign it to an existing role, then log in with a user who is a member of this group on the LDAP server.

Lab environment access

If you have not yet visited the page Getting Started, please do so.

Tasks

  1. Log in to BIG-IQ as david.
  2. Navigate to System > User Management > Auth provider. Click Add to create a new Authentication Provider:

Fill out the necessary fields using the values below.

LDAP
  • name: serverLdap
  • ip:port: ldap.forumsys.com:389
  • SSL: Disabled
  • Bind User Distinguished Name: cn=read-only-admin,dc=example,dc=com
  • Bind User Password: password
  • User Bind Template: uid={username},dc=example,dc=com
  • Root Distinguished Name: dc=example,dc=com
  • Group Search Filter: (&(objectClass=groupOfUniqueNames)(cn={searchterm}))
  • Group Membership Filter: (&(objectClass=groupOfUniqueNames)(uniqueMember=uid={username},dc=example,dc=com))
  • Users: https://www.forumsys.com/tutorials/integration-how-to/ldap/online-ldap-test-server

At the bottom of the page, test the LDAP configuration with this user:

  • Test User: newton
  • Test Password: password

Click on Test. The result should show success.

Save the configuration. When the SSL warning message appears, click Continue.

  3. Navigate to System > User Management > User Groups and click Add.

Select the previously created auth provider, enter * in the remote group filter and click Search.

Select the group called scientists and assign the Administrator Role to this user group. Save.

  4. Before trying our new LDAP user group, let's quickly check the current list of users: navigate to System > User Management > Users.

Notice there are no LDAP users.

  5. Log out from the david user, then log in as newton, selecting serverLdap in the Auth Provider list. The password is password.
  6. You are now successfully authenticated as newton. Navigate to System > User Management > Users to see that the newton user was automatically created on the BIG-IQ as belonging to the user group scientists.
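
To trace what the three templates from the provider settings do with a login name and a group search term, this added example (not part of the original lab and not BIG-IQ code) expands them and evaluates the resulting filters against constructed sample group entries. The allow-list in check_username, the escaping helper and the simplified matcher are assumptions made for illustration; how BIG-IQ substitutes placeholders internally is not described in this lab.

```python
import re

# Templates copied from the provider settings in this lab.
USER_BIND_TEMPLATE = "uid={username},dc=example,dc=com"
GROUP_SEARCH_FILTER = "(&(objectClass=groupOfUniqueNames)(cn={searchterm}))"
GROUP_MEMBERSHIP_FILTER = ("(&(objectClass=groupOfUniqueNames)"
                           "(uniqueMember=uid={username},dc=example,dc=com))")

# Constructed sample entries standing in for the directory (nothing is fetched).
GROUPS = [
    {"objectClass": ["groupOfUniqueNames"], "cn": ["scientists"],
     "uniqueMember": ["uid=newton,dc=example,dc=com", "uid=einstein,dc=example,dc=com"]},
    {"objectClass": ["groupOfUniqueNames"], "cn": ["mathematicians"],
     "uniqueMember": ["uid=euclid,dc=example,dc=com"]},
]

def check_username(name):
    """Assumed policy: allow only simple uid tokens, so the name is safe in a DN and a filter."""
    if not re.fullmatch(r"[A-Za-z0-9._-]{1,64}", name):
        raise ValueError("unexpected characters in username")
    return name

def esc_filter(value, wildcard=False):
    """RFC 4515 escaping of \\ ( ) NUL, and of * unless a wildcard search is intended."""
    special = "\\()\0" + ("" if wildcard else "*")
    return "".join("\\%02x" % ord(c) if c in special else c for c in value)

def unesc(value):
    """Turn \\XX hex escapes back into the characters they stand for."""
    return re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), value)

def matches(entry, flt):
    """Simplified evaluator: AND of (attr=value) terms, '*' as wildcard, case-insensitive."""
    terms = re.findall(r"\(([A-Za-z]+)=([^()]*)\)", flt)
    def term_ok(attr, pattern):
        rx = ".*".join(re.escape(unesc(part)) for part in pattern.split("*"))
        return any(re.fullmatch(rx, v, re.I) for v in entry.get(attr, []))
    return bool(terms) and all(term_ok(a, p) for a, p in terms)

def bind_dn(username):
    return USER_BIND_TEMPLATE.format(username=check_username(username))

def search_groups(term):
    flt = GROUP_SEARCH_FILTER.format(searchterm=esc_filter(term, wildcard=True))
    return [g["cn"][0] for g in GROUPS if matches(g, flt)]

def groups_of(username):
    flt = GROUP_MEMBERSHIP_FILTER.format(username=check_username(username))
    return [g["cn"][0] for g in GROUPS if matches(g, flt)]
```

With the sample data, search_groups("*") lists every group (the search done in step 3), while groups_of("newton") returns only scientists, which is the group that carries the Administrator role in this lab.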