Using identity federation

Using identity federation makes setting up tenant groups and users faster, and it allows tenant users to sign in to the tenant account using familiar credentials.

  1. Configuring a federated identity source
    You can configure identity federation if you want tenant groups and users to be managed in another system such as Active Directory, OpenLDAP, or Oracle Directory Server.
  2. Forcing synchronization with the identity source
    The StorageGRID system periodically synchronizes federated groups and users from the identity source. You can force synchronization to start if you want to enable or restrict user permissions as quickly as possible.
  3. Disabling identity federation
    If you configured an identity federation service for this tenant, you can temporarily or permanently disable identity federation for tenant groups and users. When identity federation is disabled, there is no communication between the StorageGRID system and the identity source. However, any settings you have configured are retained, allowing you to easily re-enable identity federation in the future.
Parent topic: Managing system access for tenant users
Copyright © 1994-2020, NetApp, Inc. All rights reserved.
Part number: 215-14710_2020-07_en-us
July 2020