Enabling Self-Authorization for Directory Users
In order to log in to Anzo, a user must be a Licensed user. If you defined LDAP-to-Anzo role configurations and mappings so that you can manage all permissions in the directory server without retrieving the user and group accounts and adding them to Anzo, you can configure Anzo to automatically license those users as they log in. Follow the instructions below to enable self-authorization.
When deciding whether to enable self-authorization at all or whether to limit it to certain LDAP groups, consider the number of users who will access Anzo and the number of users allowed by your Anzo license. Your Cambridge Semantics Customer Success manager can help determine whether to enable the feature if you have questions.
- In the Administration application, expand the Servers menu and click Advanced Configuration. Click I understand and accept the risk.
- Search for the Anzo License and Entitlement Manager bundle and view its details.
- Click the Services tab and expand com.cambridgesemantics.anzo.licensemanager.
-
Find the com.cambridgesemantics.anzo.licensemanager.selfAuthorizeUser property (shown below).
- Click the property to make it editable, and then select the checkbox to enable it.
- Click the checkmark icon () to save the change.
- If you want to limit the ability to self-authorize to a certain LDAP group, click the com.cambridgesemantics.anzo.licensemanager.selfAuthorizeGroup property to make it editable, and then specify the group name to include.
- Click the checkmark icon () to save the change.
Changes to the Anzo License and Entitlement Manager service take effect immediately. You do not need to restart Anzo or the service to apply the change.