XCP-ng
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Migrate from LDAP auth to SAML auth

    Scheduled Pinned Locked Moved
    Xen Orchestra
    2
    2
    241
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dmcanally
      last edited by

      XOA Team,

      When I first setup XOA, I enable the LDAP auth plugin. My security department has asked me to enable SAML auth and I'm running into the following issue.

      When a user first logs in with LDAP, it seems the user resource is tied to the LDAP auth backend. After enabling SAML auth, users who previously logged in with LDAP are not able to login with SAML. I see the following error in the logs...

      xoa xo-server[9961]: the name USERNAME is already taken

      Is there a way to switch auth backends for existing users? I understand it is possible to delete all users, however rebuilding ACL's and associating resource ownership would be quite difficult. Are there any official recommendations or workarounds for this situation?

      Thanks,
      Denver

      1 Reply Last reply Reply Quote 0
      • olivierlambertO
        olivierlambert Vates 🪐 Co-Founder CEO
        last edited by

        Hi,

        If you are using XOA, please create a support ticket. This way our teams could take a look remotely to find the best solution.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post