LDAP configuration

Improve this page by contributing to our documentation.

LDAP support can be enabled in the chart by specifying the ldap. parameters while creating a release. The following parameters should be configured to properly enable the LDAP support in the chart.

ldap.enabled: Enable LDAP support. Defaults to false.
ldap.uri: LDAP URL beginning in the form ldap[s]://:. No defaults.
ldap.base: LDAP base DN. No defaults.
ldap.binddn: LDAP bind DN. No defaults.
ldap.bindpw: LDAP bind password. No defaults.
ldap.bslookup: LDAP base lookup. No defaults.
ldap.nss_initgroups_ignoreusers: LDAP ignored users. root,nslcd.
ldap.scope: LDAP search scope. No defaults.
ldap.tls_reqcert: LDAP TLS check on server certificates. No defaults.

For example:

ldap.enabled="true"
ldap.uri="ldap://my_ldap_server"
ldap.base="dc=example,dc=org"
ldap.binddn="cn=admin,dc=example,dc=org"
ldap.bindpw="admin"
ldap.bslookup="ou=group-ok,dc=example,dc=org"
ldap.nss_initgroups_ignoreusers="root,nslcd"
ldap.scope="sub"
ldap.tls_reqcert="demand"

Next, login to the MariaDB server using the MySQL client and add the PAM authenticated LDAP users.

For example,

CREATE USER 'bitnami'@'localhost' IDENTIFIED VIA pam USING 'mariadb';

With the above example, when the bitnami user attempts to login to the MariaDB server, he/she will be authenticated against the LDAP server.

Kubeapps

Kubernetes Tutorials

Documentation

Tutorials

Support

Open Source

We're hiring

Resources

Newsroom

Careers

LDAP configuration

Products

Projects

Solutions

Company

Legal

Support