Channels
android_tests
apple-silicon
arm-architecture
auditing-warroom
aws
carving
code-review
community-feeds
core
darkbytes
doorman
ebpf
eclecticiq-polylogyx-extension
extensions
file-carving
fim
fleet
fleet-dev
fleetosquery
foundation
fuzzing
general
golang
goquery
infrastructure
jobs
kolide
linen-dev
linux
macos
officehours
osctrl
plugins
process-auditing
querycon
queryhub
random
selfgroup
sql
tls
uptycs
vendor-feeds
website
windows
zeek
zentral
zercurity
Title
b
Bennett Hitchcox-lain
04/03/2020, 11:58 PMgood day, sorry to bother at this late hour.
but i was wondering where i could find any docs there are about kolide and Authorization
s
sundsta
04/03/2020, 11:59 PMAuthorization of?
b
Bennett Hitchcox-lain
04/03/2020, 11:59 PMbasically if i have a user auth into fleet, what controls can i place onthat.
can i have diffeernt users with different levels of access?
or is it full access?
s
sundsta
04/04/2020, 12:02 AMThere are two roles: admin and standard user. If I remember right, the main difference is standard users can’t modify modify other user settings… let me find the docs
b
Bennett Hitchcox-lain
04/04/2020, 12:02 AMthank you
s
sundsta
04/04/2020, 12:08 AMMaybe it’s not documented? Anyway, the standard user can do almost everything the admin can, but cannot make changes to other users or system settings like SAML auth
b
Bennett Hitchcox-lain
04/04/2020, 12:09 AMfor SSO, (okta for example) would i set up one for admins, and one for regular users?
or would I be able to separate users in that way with the fleet product?
i think i found my answer here https://github.com/kolide/fleet/blob/master/docs/dashboard/single-sign-on.md#creating-sso-users-in-fleet
s
sundsta
04/05/2020, 12:19 AMUsers must be invited via email. If SAML is enabled, they can SAML after invitation. Otherwise it's username/password. Fleet does not support JIT user creation via SAML