This section covers the setup of the yarngate application
This section assumes that that Yarngate access has been configured and the user can login to Yarngate using LDAP credentials
This section assumes that Customers/Clusters/Interfaces have been added either manually via the administration application or via Bulk import of Customers/Cluster/Interfaces
Yarngate Access Profiles and Access rules
Access to the yarngate application and the various roles is controlled by the Authentication policy that matches LDAP groups to Yarnman Role
Once a user has access to Yarngate their system access is determined by
Entitlement Group
The entitlement profile defines what systems can be accessed. Access can be added using Customers, Clusters or specific interfaces
Note that the add Customer/Cluster/Interface button needs to be pressed for each entry
Entitlement Group bulk Import
There is an option to bulk import using excel
Download the template and setup as necessary and upload
Matching Group
The match group defines what LDAP groups or users have are matched
For access testing you can also add a unique username that can be used with the test access function
Access Profile
The access profile defines the configuration of the access
CUCM - there is additional template configuration required
UCXN - there is additional template configuration required
CUCM Template
CUCM Roles (Custom)
If custom CUCM roles are required they can be created
The roles will need to be imported from a test CUCM use the latest version of CUCM in scope to import the latest roles - Yarngate handles backward compataibility for roles
Select the interface to import the role
Select the required Roles
CUCM Credential Policy
Create the credential policy with the required settings
CUCM Access Control Group
Create the Access Control profile
Custom role template can be used or
CUCM default Roles
UCXN Templates
Authentication Rule
Create the required Authentication rule
Access Rule
The access rule links all of the configuration together
Test Access
The test access tool can be used to check what access users have
Note that the User key needs to be defined in matching groups