LDAP Authentication

Prerequisites

• Ensure you have access to your organization’s LDAP server.

• Obtain the LDAP Base DN, Bind DN, Bind Password, and server URL.

Configure LDAP in MSR

1. Access MSR Administration Interface:

   • Log in as an administrator and navigate to the Administration -> Configuration section.

2. Set Auth Mode to LDAP:

   • Under the Authentication tab, select LDAP from the Auth Mode dropdown.

3. Provide LDAP Server Details:

   • Auth Mode will say LDAP.

   • LDAP URL: Enter the server URL (e.g., ldap://example.com or ldaps://example.com for secure connections).

   • LDAP Search DN and LDAP Search Password: When a user logs in to Harbor with their LDAP username and password, Harbor uses these values to bind to the LDAP/AD server. For example, cn=admin,dc=example.com.

   • LDAP Base DN: Harbor looks up the user under the LDAP Base DN entry, including the subtree. For example, dc=example.com.

   • LDAP Filter: The filter to search for LDAP/AD users. For example, objectclass=user.

   • LDAP UID: An attribute, for example uid, or cn, that is used to match a user with the username. If a match is found, the user’s password is verified by a bind request to the LDAP/AD server.

   • LDAP Scope: The scope to search for LDAP/AD users. Select from Subtree, Base, and OneLevel.

   • Uncheck LDAP Verify Cert if the LDAP/AD server uses a self-signed or untrusted certificate.

4. Test LDAP Connection:

   • Use the Test LDAP Server button to validate the connection. Troubleshoot any errors before proceeding.

5. Save Configuration:

   • Click Save to apply changes.

Manage LDAP users in MSR

• After configuring LDAP, MSR automatically authenticates users based on their LDAP credentials.

• To assign user roles, navigate to Projects and assign LDAP-based user accounts to project roles.