Define User Groups That Correspond To Role-based Groups In LDAP

From Secure Web Gateway

Overview

Creating User Groups based on  LDAP users or Groups and enabling SSO authentication for that users.

Prerequisites

Integrate LDAP server with SafeSquid. If not see our document - Integrate Active Directory For SSO Authentication

Note : Avoid Locking Yourself to SafeSquid Interface When You Are Configuring Policies In Access Restrictions

Access The SafeSquid User Interface

Go to Configure Page

Go to configure page.png

Go to Application Setup

 

Creating user groups based on LDAP3.png

Go to Access Restrictions

 

Creating user groups based on LDAP4.png

Enable SSO Authentication

 

 

Creating user groups based on LDAP5.png

Go to Allow list

 

Creating user groups based on LDAP6.png

Change the order of Default entries

To avoid locking yourself to the SafeSquid User Interface.

See the working of each default Entry  here

 

Creating user groups based on LDAP7.png

 

Add LDAP users

 

Creating user groups based on LDAP8.png

 

 

Creating user groups based on LDAP9.png

 

 

Creating user groups based on LDAP10.png

 

 

If your LDAP server is not integrated then you will not see any users list in the drop down menu

Creating user groups based on LDAP11.png

 

 

Creating user groups based on LDAP12.png

 

 

Creating user groups based on LDAP13.png

 

 

The config value in Access represents the SafeSquid Interface access

Creating user groups based on LDAP14.png

 

 

Creating user groups based on LDAP15.png

 

 

Creating user groups based on LDAP16.png

 

 

Creating user groups based on LDAP17.png

Creating Multiple User Groups

 

You can also create the new entry at the bottom, but again you want to re order the entries. So clone is the better way to add new user groups.

Creating user groups based on LDAP18.png

 

 

Creating user groups based on LDAP19.png

 

 

Creating user groups based on LDAP20.png

 

 

Creating user groups based on LDAP21.png

 

 

Creating user groups based on LDAP22.png

 

 

Creating user groups based on LDAP23.png

 

 

Creating user groups based on LDAP24.png

Adding Administrators in ADMINS entry

 

Creating user groups based on LDAP25.png

Here you should Add the logged in user with his Username and Password.

Example:

Now, I am accessing my SafeSquid interface from my Active Directory server with the following details

User: Administrator@safeSquid.test

Password: sarva@12345

Then i will add this user in the ADMINS entry. 

 

Creating user groups based on LDAP26.png

 

 

Creating user groups based on LDAP27.png

 

 

Creating user groups based on LDAP28.png

 

 

Creating user groups based on LDAP29.png

Check the Entry for General Users

 

Creating user groups based on LDAP30.png

Testing User Authentication

 

Creating user groups based on LDAP31.png

 

 

Creating user groups based on LDAP32.png

 

 

Creating user groups based on LDAP33.png

 

 

Creating user groups based on LDAP34.png

Check for  Authentication Failures

 

Creating user groups based on LDAP35.png

Save Configuration

When you click on Save config, it will give you a prompt for asking the confirmation to store your configuration  into the cloud. 
Select Yes only in below cases:

  •  if you want to use this same configuration in other SafeSquid instances.
  •  if your total configuration in all sections is completed and validated. 

Otherwise select No and click on submit

 
Save config final.png