First, Active Directory or the full SAML piece? It sounds like the full SAML piece if you're talking about Windows groups.> Settings > Logins you have to set up the SAML configuration.
Then, in the Group, you have to enter the group identifier that you've chosen to use in AD (name, GUID, etc).
And of course, the Windows pieces have to be setup in AD first.
We've done straight AD without SAML before, we're on SAML for logins now and we're about to implement SAML for groups (tests are successful).
Abe.
Thanks Abe! Looks pretty efficient, I'll have to look into this. I'm not familiar with our AD setup so I'm going to reach out to our IT to see if we have SAML.
We have it set so that people get added to Enterprise the first time they login with Active Directory. We have 2 "admin" accounts that are in Enterprise, everyone else is normally a "Viewer" and if we need them to have more rights then we have them add themselves and then we bump up the account to whatever level they need. Works fine.