Map AD group with Portworx Backup group

To map AD group with Portworx Backup group, you need to create groups, assign roles and then map the AD group(s) with required Portworx Backup group(s).

Create groups and assign roles

  1. Access Keycloak with the URL, https://< backup user interface IP:port number >/auth/ and then select Administration Console. keycloak console

  2. Login with valid and active credentials.

  3. In the left panel, navigate to Master > Manage > Groups and then click New.
    create group

  4. Enter a name for the group and click Save.

  5. Click the Role mappings tab. group to group mapping

  6. Choose the required role(s) from the available roles and click Add selected to assign roles to the newly created group.

Map AD Group with Portworx Backup Group

  1. Navigate to Configure > Identity Providers. identity provider

  2. Click on the Name of the Identity Provider.

  3. Select the Mappers tab and then click Create. mappers

  4. Provide the following details:

    • Enter the Name of identity provider mapper
    • Choose force from Sync mode Override dropdown
    • Choose Advanced Claim to Group from Mapper Type dropdown
    • Under Claims, enter the below values and then click Add:
      • Key: enter groups
      • Value: add the Object Id of the AD group dddd-ddd-ddd-dddd (alphanumeric key)
    • For Group, click Select Group and then choose the px-backup group to map with AD group. add identity provider
  5. Click Save.

Last edited: Tuesday, Nov 29, 2022