Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
45 lines (42 sloc) 2.49 KB
# add LDAP integretion to ATC job
- type: replace
path: /instance_groups/name=web/jobs/name=web/properties/ldap_auth?
value:
host: ((ldap_host))
bind_dn: ((ldap_bind_dn))
bind_pw: ((ldap_bind_pw))
# Required if LDAP host does not use TLS. Default: false
insecure_no_ssl: ((ldap_insecure_no_ssl))
# Skip certificate verification. Default: false
insecure_skip_verify: ((ldap_insecure_skip_verify))
# The CA certificate for the LDAP auth provider’s endpoints.
ca_cert: ((ldap_ca_cert))
# Start on insecure port, then negotiate TLS. Default: false
start_tls: ((ldap_start_tls))
# BaseDN to start the search from. e.g. "ou=people,dc=mycompany,dc=com"
user_search_base_dn: ((ldap_user_search_base_dn))
# Optional filter to apply when searching the directory. e.g. "(objectClass=person)"
user_search_filter: ((ldap_user_search_filter))
# Attribute to match against the inputted username.
# This will be translated and combined with the other filter as ‘(=)‘.
user_search_username: ((ldap_user_search_username))
# A mapping of attributes on the user entry to claims. Defaults to ‘uid’ if empty.
user_search_id_attr: ((ldap_user_search_id_attr))
# A mapping of attributes on the user entry to claims.
user_search_name_attr: ((ldap_user_search_name_attr))
# A mapping of attributes on the user entry to claims. Defaults to ‘mail’ if empty.
user_search_email_attr: ((ldap_user_search_email_attr))
# Can either be ‘sub’ - search the whole sub tree or ‘one’ - only search one level. Defaults to ‘sub’ if empty.
user_search_scope: ((ldap_user_search_scope))
# BaseDN to start the search from. e.g. "ou=groups,dc=mycompany,dc=com"
group_search_base_dn: ((ldap_group_search_base_dn))
# Optional filter to apply when searching the directory. e.g. "(objectClass=posixGroup)"
group_search_filter: ((ldap_group_search_filter))
# Adds an additional requirement to the filter that an attribute in the group match the user’s attribute value.
# The exact filter being added is (=)
group_search_group_attr: ((ldap_group_search_group_attr))
group_search_user_attr: ((ldap_group_search_user_attr))
# The attribute of the group that represents its name, e.g. "cn"
group_search_name_attr: ((ldap_group_search_name_attr))
# Can either be ‘sub’ - search the whole sub tree or ‘one’ - only search one level. Defaults to ‘sub’ if empty.
group_search_scope: ((ldap_group_search_scope))
You can’t perform that action at this time.