From 59394c650401c690d57b2a5a6ab98b95d013cf8e Mon Sep 17 00:00:00 2001 From: Natalia Ivakina Date: Wed, 7 May 2025 15:41:18 +0200 Subject: [PATCH 1/2] Fix group-role mapping for LDAP integration --- .../pages/authentication-authorization/ldap-integration.adoc | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/modules/ROOT/pages/authentication-authorization/ldap-integration.adoc b/modules/ROOT/pages/authentication-authorization/ldap-integration.adoc index 4f1b40808..a00af570e 100644 --- a/modules/ROOT/pages/authentication-authorization/ldap-integration.adoc +++ b/modules/ROOT/pages/authentication-authorization/ldap-integration.adoc @@ -96,7 +96,8 @@ dbms.security.authorization_providers=ldap,native To assign privileges to users based on their LDAP groups, you have to map the LDAP groups to the xref:authentication-authorization/built-in-roles.adoc[Neo4j built-in] and custom-defined roles. To do that, you need to know what privileges the Neo4j roles have, and based on these privileges, to create the mapping to the groups defined in the LDAP server. The map must be formatted as a semicolon separated list of key-value pairs, where the key is a comma-separated list of the LDAP group names and the value is a comma-separated list of the corresponding role names. -For example, `group1=role1;group2=role2;group3=role3,role4,role5;group4,group5=role6`. + +For example, `group1=role1;group2=role2;group3=role3,role4,role5;group4=role6;group5=role6`. .Example of LDAP groups to Neo4j roles mapping ==== From 0983e4fdb4ea4eca10137896265d7ceb51d8ad95 Mon Sep 17 00:00:00 2001 From: NataliaIvakina <82437520+NataliaIvakina@users.noreply.github.com> Date: Mon, 12 May 2025 11:22:17 +0200 Subject: [PATCH 2/2] Update modules/ROOT/pages/authentication-authorization/ldap-integration.adoc Co-authored-by: Olivia Ytterbrink --- .../pages/authentication-authorization/ldap-integration.adoc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/ROOT/pages/authentication-authorization/ldap-integration.adoc b/modules/ROOT/pages/authentication-authorization/ldap-integration.adoc index a00af570e..0329374e9 100644 --- a/modules/ROOT/pages/authentication-authorization/ldap-integration.adoc +++ b/modules/ROOT/pages/authentication-authorization/ldap-integration.adoc @@ -95,7 +95,7 @@ dbms.security.authorization_providers=ldap,native To assign privileges to users based on their LDAP groups, you have to map the LDAP groups to the xref:authentication-authorization/built-in-roles.adoc[Neo4j built-in] and custom-defined roles. To do that, you need to know what privileges the Neo4j roles have, and based on these privileges, to create the mapping to the groups defined in the LDAP server. -The map must be formatted as a semicolon separated list of key-value pairs, where the key is a comma-separated list of the LDAP group names and the value is a comma-separated list of the corresponding role names. +The map must be formatted as a semicolon separated list of key-value pairs, where the key is a LDAP group name and the value is a comma-separated list of the corresponding role names. For example, `group1=role1;group2=role2;group3=role3,role4,role5;group4=role6;group5=role6`.