I’m trying to setup what I’m guessing is a fairly standard setup.
We’ve an AD based LDAP directory with two groups of interest, CamundaUsers and CamundaAdmins.
I’d like CamundaUsers to have read-only access while CamundaAdmins can do anything.
I’ve set up the authorizations in line with Read-only operator mode but the CamundaUsers do not have access to the Cockpit. Or the Tasklist. In fact they have access to nothing but their own profile. I’ve given the group appropriate Application Authorizations;
Type: ALLOW
User/Group: Group - CamundaUsers
Permissions: ACCESS
Resource ID: *
(also tried explicitly listing cockpit)
Yet nothing.
Is there anything obvious I’ve missed? Are there any debug options I can enable which may help me track down the cause of this?
Thanks in advance,
Greg