LDAP Authentication

Prerequisites

  • Ensure you have access to your organization’s LDAP server.

  • Obtain the LDAP Base DN, Bind DN, Bind Password, and server URL.

Configure LDAP in MSR

  1. Access MSR Administration Interface:

    • Log in as an administrator and navigate to the Administration -> Configuration section.

  2. Set Auth Mode to LDAP:

    • Under the Authentication tab, select LDAP from the Auth Mode dropdown.

  3. Provide LDAP Server Details:

    • Auth Mode will say LDAP.

    • LDAP URL: Enter the server URL (e.g., ldap://example.com or ldaps://example.com for secure connections).

    • LDAP Search DN and LDAP Search Password: When a user logs in to Harbor with their LDAP username and password, Harbor uses these values to bind to the LDAP/AD server. For example, cn=admin,dc=example.com.

    • LDAP Base DN: Harbor looks up the user under the LDAP Base DN entry, including the subtree. For example, dc=example.com.

    • LDAP Filter: The filter to search for LDAP/AD users. For example, objectclass=user.

    • LDAP UID: An attribute, for example uid, or cn, that is used to match a user with the username. If a match is found, the user’s password is verified by a bind request to the LDAP/AD server.

    • LDAP Scope: The scope to search for LDAP/AD users. Select from Subtree, Base, and OneLevel.

    • Uncheck LDAP Verify Cert if the LDAP/AD server uses a self-signed or untrusted certificate.

  4. Test LDAP Connection:

    • Use the Test LDAP Server button to validate the connection. Troubleshoot any errors before proceeding.

  5. Save Configuration:

    • Click Save to apply changes.

Manage LDAP users in MSR

  • After configuring LDAP, MSR automatically authenticates users based on their LDAP credentials.

  • To assign user roles, navigate to Projects and assign LDAP-based user accounts to project roles.