How to map a AD’user multiple Cerberus Groups

Cerberus FTP Server – SFTP, FTP/S, HTTPS Server for Windows or the Cloud Forums General General Help How to map a AD’user multiple Cerberus Groups

  • This topic is empty.
Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #30801
    systems_maintenance
    Participant

    I have the following scenario:

    We want configure that new AD’ user account have access to sf_clientA and sf_clientB directory.

    E: dir1/sf_clientA/inbound_dir

    /outbound_dir

    E: dir1/sf_clientB/inbound_dir

    /outbound_dir

    E: dir1/sf_clientC/inbound_dir

    /outbound_dir

    We tried it configuring Virtual directory pointing to sf_clientA and sf_clientB as home directory to this new AD’s user. But Cerberus only allows to map a single Cerberus Group. Is it possible with Cerberus??

    Note:

    sf_clientA,B and C are users of Active Directory with their Cerberus Group respectively.

    #37543
    pacman
    Participant

    Hello,

    You can only map an AD or LDAP user to a single Cerberus group.

    You will need to use AD group to Cerberus group mappings for anything else.

    https://www.cerberusftp.com/support/help/active-directory-configuration-scenarios/

    #37544
    systems_maintenance
    Participant

    OK, But in this scenario all members in this AD group can see all homes that other users belongs to this AD group.

    My question is if is possible the one of the members of this AD group can see only two other users homes for example: UserA can see home of sf_clientA and sf_clientB, not access to sf_clientC home.

    I have created a Group: GRP_USERS and its virtual directory is E:dir1

    I have configured AD Group: AD_GRP_USERS and associated it with Cerberus Group: GRP_USERS

    It works but all members of AD_GRP_USERS can see all homes of the all users in this group. We have a scenario that some users can see only some homes not all homes of the users (It is according our company policy) . is this possible?? or maybe we would try other solution.??

    #37545
    systems_maintenance
    Participant

    Hi team

    Do you have an update about my question related with right to access some users homes according scenario presented?

    #37546
    systems_maintenance
    Participant

    Cerberus team,

    Help me with the following solution for this case, it make sense!!!

    You will need to create several AD groups EX:

    ad_1

    ad_2

    ad_3

    Then you will need to create several Cerberus groups Example:

    CG_clientA virtual directory E:dirsf_clientA

    CG_clientB virtual directory E:dirsf_clientB

    CG_clientC virtual directory E:dirsf_clientC

    Once you have created these groups you can map multiple AD groups to Cerberus Groups Example:

    You could make User: SF_Test a member of

    ad-1

    Then map ad-1 to the Cerberus Groups

    CG_clientA and CG_clientB

    The user would only see the above two folders when logging in.

    Thanks Cerberus Team!!!

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.