Summary
Configuration steps for managing Console access via OpenLDAP
Version(s)
- Capsule8 Console version 4.1.0+
Prerequisites
LDAP Configuration
Note: The Capsule8 Console’s LDAP integration has only been tested and verified with OpenLDAP.
You need to make the changes in the configuration file as below
Required:
- Set the fields
console.auth_ldap_hostnameandconsole.auth_ldap_basein the configuration file:
An example configuration file:
console:
....
auth_ldap_hostname: "ldap.my-company.com"
auth_ldap_base:"ou=Users,dc=my-company,dc=com"
console.auth_ldap_hostname: LDAP server address.
console.auth_ldap_base: LDAP subtree where user searches can be ran.
Optional:
- Set the fields
console.auth_ldap_port,console.auth_ldap_use_tlsandconsole.auth_ldap_allowed_groups
An example configuration file:
console:
....
auth_ldap_port: 389
auth_ldap_use_tls:"false"
auth_ldap_allowed_groups: list of groups
console.auth_ldap_port : LDAP server’s port, if not 389.
console.auth_ldap_use_tls :By default, we connect to the LDAP server over TLS. To ignore TLS, set the field to false.
console.auth_ldap_allowed_groups : If the field is empty, all authenticated users will be able to access the Capsule8 Console. A space-delimited list of allowed groups will restrict access to users in those groups.
Note: only supported on LDAP installations using a memberOf overlay.
Comments
0 comments
Please sign in to leave a comment.