Manual Kubernetes Secret for LDAP Authentication Bind User
Prerequisites
- Helm version 3 is installed on your system.
- The Kubernetes command line tool kubectl is configured and has access to the target installation.
- You know the name and namespace of your Connectware installation. See Obtaining the name, namespace, and version of your Connectware installation.
- The values.yaml file is available.
- LDAP authentication configured.
Manual Kubernetes Secret for LDAP Authentication Bind User
If you don’t want to provide the bind user for LDAP authentication through the Helm values bindDn and bindPassword within the global.authentication.ldap context, you can also manually create a Kubernetes secret in Connectware’s namespace through your preferred method of managing secrets in Kubernetes. You will then need to provide the name of this secret in the Helm value existingBindSecret.
This secret needs to contain two keys, bindDn and bindPassword, containing the parameters you did not specify directly as Helm values. If you want to use different keys, you can customize these as shown below.
Example
Create your Kubernetes secret:
kubectl -n <namespace> create secret generic my-ldap-user --from-literal=bindDn="CN=Bind User,CN=Users,DC=company,DC=tld" --from-literal=bindPassword="S3cretPassword"
Code-Sprache: YAML (yaml)Specify the name of the Secret:
global:
authentication:
ldap:
enabled: true
existingBindSecret: my-ldap-user
searchBase: CN=Users,DC=company,DC=tld
url: ldap://my-dc.complany.tld:389
Code-Sprache: YAML (yaml)Customizing Kubernetes Secret Keys
If you want to customize the keys used in the Kubernetes secret, you can do so and specify the keys you want to use instead in the Helm value existingBindSecretDnKey and existingBindSecretPasswordKey within the global.authentication.ldap context.
Example
Create your Kubernetes secret:
kubectl -n <namespace> create secret generic custom-ldap-user --from-literal=username="CN=Bind User,CN=Users,DC=company,DC=tld" --from-literal=password="S3cretPassword"
Code-Sprache: YAML (yaml)Specify the name of the Secret in your values.yaml file:
global:
authentication:
ldap:
enabled: true
existingBindSecret: custom-ldap-user
existingBindSecretDnKey: username
existingBindSecretPasswordKey: password
searchBase: CN=Users,DC=company,DC=tld
url: ldap://my-dc.complany.tld:389
Code-Sprache: YAML (yaml)Related Links
Need more help?
Can’t find the answer you’re looking for?
Don’t worry, we’re here to help.