Configure Users and groups when using LDAP as authentication

Hello,

I am using the LDAP Authentication method to connect to the KNIME Server. When a user connects to the server a folder is automatically created under the “Users” folder and a connection via the KNIME Analytics Platform can be created.

Unfortunately, I couldn’t find out yet on how to manage the access/ rights for these users.
Are there any further steps necessary so I can see the users and edit their access/rights?

Thanks in advance.

Hi @chrisbarg,

you can see the users that authenticated against the KNIME Server in the Administration section of the WebPortal. However you would not be able to see LDAP groups assigned to the users in that section.

In case you want to grant users or specific LDAP groups permissions, you would need to do that via KNIME Analytics Platform. You can right click on a repository item, go to Permissions and then add a user (the LDAP username) or a group (LDAP group name) to the view, which will then grant access based on the configuration (read, write, execute) you have selected.

Best,
Julian

1 Like

Hello Julian,

thanks for your help. Does that mean that for all users authenticating with their LDAP username I will have to explicitly give rights to certain items?
Is there a way to give certain LDAP users admin rights? If so, where could I make these adjustments?

Thanks in advance

Hi @chrisbarg,

sorry for the late response.
There are server settings which you need to update to grant specific users or groups admin rights.
You can either set it via the WebPortal (Administration → Configuration) or by editing the knime-server.config file on your server (usually in %install-dir%/workflow_repository/config/knime-server.config).

There are two options:
com.knime.server.server_admin_groups
com.knime.server.server_admin_users

You can add the LDAP user name or LDAP Group name there to grant users/groups admin rights.

Best,
Julian