From 6ba13219a6eaf417725059064e50b51f4ae14814 Mon Sep 17 00:00:00 2001 From: Kyle Spearrin Date: Tue, 23 May 2017 19:14:15 -0400 Subject: [PATCH] organization articles --- .../organizations/azure-active-directory.md | 8 ++++ _articles/organizations/directory-sync.md | 44 +++++++++++++++++++ _articles/organizations/groups.md | 28 ++++++++++++ _articles/organizations/gsuite-directory.md | 8 ++++ _articles/organizations/ldap-directory.md | 8 ++++ _articles/organizations/managing-users.md | 2 +- 6 files changed, 97 insertions(+), 1 deletion(-) create mode 100644 _articles/organizations/azure-active-directory.md create mode 100644 _articles/organizations/directory-sync.md create mode 100644 _articles/organizations/groups.md create mode 100644 _articles/organizations/gsuite-directory.md create mode 100644 _articles/organizations/ldap-directory.md diff --git a/_articles/organizations/azure-active-directory.md b/_articles/organizations/azure-active-directory.md new file mode 100644 index 00000000..a31d381e --- /dev/null +++ b/_articles/organizations/azure-active-directory.md @@ -0,0 +1,8 @@ +--- +layout: article +title: Configuring directory sync with Azure Active Directory +categories: [Organizations] +featured: true +popular: false +tags: [] +--- diff --git a/_articles/organizations/directory-sync.md b/_articles/organizations/directory-sync.md new file mode 100644 index 00000000..15519567 --- /dev/null +++ b/_articles/organizations/directory-sync.md @@ -0,0 +1,44 @@ +--- +layout: article +title: Syncing users and groups with a directory +categories: [Organizations] +featured: true +popular: false +tags: [] +--- + +bitwarden supports syncing users and/or groups from outside directories through the use of the **bitwarden Directory Connector** tool. + +The following directories are supported: + +- Active Directory +- Azure Active Directory +- GSuite (Google) +- Any other LDAP-based directory + +{% alert info %} +Directory sync is only available to enterprise organizations. +{% endalert %} + +## bitwarden Directory Connector Tool + +The bitwarden Directory Connector is a windows-based console application (CLI) that allows you to keep your bitwarden organization and user directory in sync. Directory Connector can be run on-demand manually as well as automatically in the background on an configured interval through the use of the included windows service. The tool provides a console-based UI in addition to a full array of command line arguments. + +You can install and run Directory Connector on the server that hosts your directory, an administrator's machine, or any other computer than can access the directory. + +### Install + +### Log in to your bitwarden organization account + +### Configure the directory server + +### Configure sync options + +### Manually simulate a sync + +### Perform a sync + +### Manage the background service + +### Changing configurations + diff --git a/_articles/organizations/groups.md b/_articles/organizations/groups.md new file mode 100644 index 00000000..774014af --- /dev/null +++ b/_articles/organizations/groups.md @@ -0,0 +1,28 @@ +--- +layout: article +title: User groups +categories: [Organizations] +featured: true +popular: false +tags: [] +--- + +In addition to collections, groups are a way for organizations to further control user access. They are particularly useful to larger organizations where user access can be difficult to manage. + +{% alert info %} +User groups are only available to enterprise organizations. +{% endalert %} + +## User Assignment + +After creating a user, you can assign that user to one or more groups. From the users listing (People) page, Select the **Groups** option for a particular user to make your group selections. + +You can also view which users belong to a specific group by navigating to the groups listing page and selecting the **Users** option for a specific group. Users can be removed from the group from this page as well, however, adding a new user to a group must be done from the individual user. + +## Collection Assignment + +Access control for a group is done by assigning collections to a group (or vice versa). You can assign which collections a group can access by editing the group from the group listing page. + +Alternatively, edit a collection from the collections listing page to choose which groups can access it. + +Organization users will only be able to access logins that belong to the groups that they are members of. If a user belongs to multiple groups, that user will be able to access logins from the _union_ of all collections for their groups plus any individual collections that they have been assigned to. \ No newline at end of file diff --git a/_articles/organizations/gsuite-directory.md b/_articles/organizations/gsuite-directory.md new file mode 100644 index 00000000..355b1f5e --- /dev/null +++ b/_articles/organizations/gsuite-directory.md @@ -0,0 +1,8 @@ +--- +layout: article +title: Configuring directory sync with Google GSuite +categories: [Organizations] +featured: true +popular: false +tags: [] +--- diff --git a/_articles/organizations/ldap-directory.md b/_articles/organizations/ldap-directory.md new file mode 100644 index 00000000..6fe5d9f0 --- /dev/null +++ b/_articles/organizations/ldap-directory.md @@ -0,0 +1,8 @@ +--- +layout: article +title: Configuring directory sync with Active Directory or other LDAP +categories: [Organizations] +featured: true +popular: false +tags: [] +--- diff --git a/_articles/organizations/managing-users.md b/_articles/organizations/managing-users.md index 764e97e2..a6822769 100644 --- a/_articles/organizations/managing-users.md +++ b/_articles/organizations/managing-users.md @@ -1,6 +1,6 @@ --- layout: article -title: Managing organization users +title: Managings users categories: [Organizations] featured: true popular: false