Configure LDAP Autentication using group

We want to configure autentication using ldap and assing a role to each user based on member-of ldap field.
It is posible in icinga?
Can anyone help us ?

Best regards,
Emilio J.


this is what I found in the docs, maybe those could be a starting point?
Resources - Icinga Web 2 and Authentication - Icinga Web 2

I have finally managed to configure it.
Need to do three steps:

  1. Import Users from LDAP ( Configuration → Application → Authentication → User backend )
  2. Import Groups from LDAP. (in previous page choose User Group Backend) Key point is LDAP Group Member Attribute that define whitch user are in this group
    3.- Define roles. (Configuration → Autentication → Roles ) The problem is that for each module the way to restrict the object that a role can use is diferent:
    A.- Monitoring: you can fill monitoring/​filter/​objects with a value like _host_tenant=AAA
    B.- director: you must include host in hostgroup and use director/​filter/​hostgroups

Best regards,
Emilio J.