This guide is intended for KMS administrators.
Activating the Kaltura Samlgroupsync Feature in Kaltura MediaSpace (KMS)
Kaltura Samlgroupsync is managed by KMS system administrators in the Admin area accessed from <Base_URL>/admin (e.g. https://videos.mediaspace.kaltura.com/admin)
Prerequisites
- The SAML Module should be enabled and configured prior to setting up the Samlgroupsync module.
Recommendation: When expecting a large amount of groups per user (in the hundreds), a first login for a user will be longer due to the synchronization of large amount of groups. In order to make a faster first login time we recommend a pre-launch groups creation using the a-sync group creation. See the How to Create and Manage Groups Using a CSV File guide for information.
Configure Kaltura Samlgroupdsync in KMS
To enable the Samlgroupsync module in KMS
- Login to KMS and go to the Kaltura Configuration Management window.
- Scroll down and select the Samlgroupsync module in the Modules section.
The SAMLgroupsync Administration page is displayed.
- In the Enabled field, select Yes to enable the Samlgroupsync module.
- Select or enter values for the relevant fields. This module ensures that SAML attribute's containing multi valued attributes use each of the values when syncing the groups to Kaltura.
- Repeat to Add Value Mapping or Add Attributes. Delete as necessary for your configurations.
- Click Save.
Field | Description |
Enabled | Enable the Samlgroupsync module. |
Attributes | |
Attribute | The SAML attribute name |
valueMappingType | Select the method in which KMS will handle the SAML groups’ names. You can choose to use the values of the attribute to become the name of a group, or can map new group names to each value. There are two options to add attributes.
Depending on whcih option you choose, enter the Value of the SAML attribute or the Value of the SAML attribute and the SAML group name. |
removeFromGroups | Select ‘Yes’ to allow the removal of users from groups previously synced with this module. |
createNewGroups | Select ‘Yes’ to create new groups automatically. If ‘No’ is selected, manual creation of groups is needed for users to be added. |
Valid | Module is configured well and ready to use. |
Addtional Information
- Remove from groups – Allows admins to remove users from groups previously synced with this module. If the Group is removed or the group name is changed, and the removeFromGroups field is set to Yes, the group name change or removal will be implemented on the next login. If the removeFromGroups field is set to No, and you save, the user will not be removed from groups, only added on the next KMS login.
- Create New Groups – Allows admins to create new groups automatically from the exisiting SAML grouops. If ‘No’ is selected, you will need to manually create groups to add users.
- Valid – The Valid field is used to verify the values entered. If the values are valid the field is displayed as Yes. For invalid values, the field is displayed as No with a relevant error message.
- User will have to login to KMS/KAF for the changes to take effect.
- Group IDs should be constructed of English alphabet and numbers only. It cannot contain spaces.
