LDAP Authentication¶
Prerequisites¶
Ensure you have access to your organization’s LDAP server.
Obtain the LDAP Base DN, Bind DN, Bind Password, and server URL.
Configure LDAP in MSR¶
Access MSR Administration Interface:
Log in as an administrator and navigate to the Administration -> Configuration section.
Set Auth Mode to LDAP:
Under the Authentication tab, select LDAP from the Auth Mode dropdown.
Provide LDAP Server Details:
Auth Mode will say LDAP.
LDAP URL: Enter the server URL (e.g.,
ldap://example.com
orldaps://example.com
for secure connections).LDAP Search DN and LDAP Search Password: When a user logs in to Harbor with their LDAP username and password, Harbor uses these values to bind to the LDAP/AD server. For example,
cn=admin,dc=example.com
.LDAP Base DN: Harbor looks up the user under the LDAP Base DN entry, including the subtree. For example,
dc=example.com
.LDAP Filter: The filter to search for LDAP/AD users. For example,
objectclass=user
.LDAP UID: An attribute, for example uid, or cn, that is used to match a user with the username. If a match is found, the user’s password is verified by a bind request to the LDAP/AD server.
LDAP Scope: The scope to search for LDAP/AD users. Select from Subtree, Base, and OneLevel.
Uncheck LDAP Verify Cert if the LDAP/AD server uses a self-signed or untrusted certificate.
Test LDAP Connection:
Use the Test LDAP Server button to validate the connection. Troubleshoot any errors before proceeding.
Save Configuration:
Click Save to apply changes.
Manage LDAP users in MSR¶
After configuring LDAP, MSR automatically authenticates users based on their LDAP credentials.
To assign user roles, navigate to Projects and assign LDAP-based user accounts to project roles.