Prerequisites

• For an overview of the Identities feature, refer to the section: Overview/Introduction/Concepts

Configuration

Add a Local (Cyolo) Group

● Log in to the Cyolo Admin Portal.
● Navigate to Identities > User Groups.
● Click Add in the top right corner.

In the New window, enter the following information in each field:

1. Define a group name – Enter a name for this group.

2. Set Group State – The toggle button allows you to set the status of the group to enabled or disabled. It is enabled by default.

3. Selected users – Click Edit members.

4. In Add users, enable the checkbox for each user to add the user to the group.

5. Click Confirm.

   

6. Click Create.

Add a Dynamic Group

At least one external IdP must be configured on Integrations > Identity Providers before creating a dynamic group. Refer to the section on integrating external IdP to the Cyolo platform: Configuring LDAP Integration.

● Click the drop-down alongside the Add button and select Dynamic Group.

● Choose identity provider - The identity providers integrated with the Cyolo platform will be displayed at the top. Select the IdP for this configuration. In this example there is only one, LDAP, which is selected by default.
● Choose group resolving method – Choose the method to locate the group:
- Attribute – Enter the attribute of the group in the IdP. For example, memberOf.
- Free Query -
● Click Import Groups.

● In the Import LDAP Groups window, enter the name of a group in the search box.
● Select the group from the groups displayed.
● Click Confirm.

● Define groups by their expected value – Enter the name of the group to be imported and its identification value within the external IdP. For example, in the case of LDAP, it is DN.
o Group name - Set a local name for this dynamic group.
o Expected Value - CN=Domain Admins, CN=Users, DC=example, DC=com
● Click Add.

● Click Add in the top right corner.