Map LDAP Group / Role to Drupal Users

Map LDAP Group / Role to Drupal Users


  • The Role Mapping feature allows you to map your LDAP/AD server roles/groups to Drupal roles. Using this feature you can assign mapped roles to your Drupal users based on their LDAP group.
  • Drupal provides three default roles i.e Authenticated user, Content editor, and Administrator. If you wish you can add more custom roles in Drupal by referring to these easy steps.
  • This document will guide you through the detailed steps to map Drupal roles to LDAP / AD server groups.

Configure Role mapping

  • Go to the Attribute & Role mapping tab.
  • Under LDAP Groups to Drupal User Role Mapping section, you will see the 3 checkboxes. Please refer to the description below and select the checkbox as per your requirement.
    1. Enable Role Mapping: allow your users to get the Drupal roles as per the selected LDAP groups.
    2. Check this option if you don't want to remove existing roles of users (New Roles will be added): add the new role to the user as per the configuration without deleting its existing role/roles.
    3. Enable Role Mapping for NTLM Users: automatically maps NTLM user roles from LDAP Groups to the selected Drupal Role.
    4. miniorange icon active directory integration LDAP integration
  • Select the role from the “Select default group for the users” drop-down. This role will be assigned to the Drupal users after successfully logging in to the Drupal site using their LDAP credentials.
  • miniorange icon active directory integration LDAP integration
  • You have a separate text field for every role in Drupal. You can map the LDAP group for each role separately. If you want to map more than one group you can add the groups separating with semicolons (;).
  • To get the groups of the user click on “Get your attributes” button. A popup will appear in which you will get the group of the user under the memberof attribute.
  • miniorange icon active directory integration LDAP integration
  • Now enter the group DN under the Drupal role text field in which you want to assign the drupal role to the users of that group. Eg. if you enter the LDAP group DN (cn=testGroup,dc=xecurify,dc=com) under the content editor text field, all your users present in LDAP testGroup group will get the content editor role after logging in using their LDAP credentials.
  • Click on the Save Configuration button to save your settings.
  • To test the above, please open an incognito window / new browser and go to your Drupal site’s login page.
  • Now please login the user using its LDAP credentials. The user will get the drupal role as per configured the LDAP group. Eg. If you try to log in the user “john doe” ( present in cn=testGroup,dc=xecurify,dc=com group) will get the drupal content editor role. You can refer to the below image.
  • miniorange icon active directory integration LDAP integration
  • Congratulations, you have successfully configured Role mapping in Drupal LDAP.

If you want any assistance to configure the module or want to try the fully featured 7-days trial version of the module feel free to reach out to us at drupalsupport@xecurify.com

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com