Add a new role via e-groups to a Drupal site

Think: Is this a person, or is it a job that will continue after that person leaves? The latter: e.g. role = press officer.

First go to Check if the group you want already exists before you create a new one. If it does, get the name. If it doesn’t, create new static group. e.g. press-office-editors

Back on your site, go to People>permissions>roles> add role Add the new name for the role, and THINK about which permissions that role needs.

Configuration > Shibboleth settings > Shibboleth group rules > add new rule Shibboleth attribute name: ADFS_GROUP ^some-e-group-at-cern$ Add the role. ALWAYS click "Sticky"

To make a role for all trusted CERN users (those with AIS logins) the role has to be mapped to ^ais-users$ in the Shibboleth settings


You are here