New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Missing LDAP secrets engine #1032
Comments
I have an interest in seeing this implemented as well. I'm no LDAP expert but I could potentially help with this (even if you just need someone to assist with testing etc.) |
@mweigel That would be really helpful! Do you have a full LDAP setup configured in your environment? I am planning to start work on this next week |
Hey, I don't have a "real" environment to test against. I'd be using my local environment for testing. To test against active directory I'd use - https://github.com/splitbrain/vagrant-active-directory I've tested this quickly and it does work. That project is referenced in a Vault tutorial - https://developer.hashicorp.com/vault/tutorials/auth-methods/active-directory-mfa-login-totp#prerequisites For LDAP I'd either use a Vagant VM or container to test against OpenLDAP / FreeIPA. |
I've added an initial commit for this under #1033 |
* Initial commit for LDAP secrets engine No dynamic role support yet * Fix docs and linting issues * Fix linting error * Run tests with docker container so we don't need to install vault Use LDAP server in docker as well Configure Vault/LDAP with terraform Added LDAP tests - not yet finished * More tests * Fix indentation * Fix client not being available * Various test fixes * Reverting the changes prior to implementing unit tests * Reverting the changes prior to implementing unit tests * Reverting the changes prior to implementing unit tests * Unit tests for LDAP secrets * Reverting the changes prior to implementing unit tests * Linting * Fix newline? * Fix newline? * Fix linting * Apply suggestions from code review Documentation updates * Update hvac/api/secrets_engines/ldap.py remove unused args/kwargs * nit: remove docs character * remove use of arbitrary kwargs * use example.com in tests * add unit test for generate_static_credentials --------- Co-authored-by: Brian Scholer <1260690+briantist@users.noreply.github.com>
Hi,
It looks like hvac hasn't yet implemented the LDAP secrets engine - from the Vault docs it looks as if the active directory secrets engine is deprecated in favour of this one and has provided a migration path.
Is anyone working on this? If not am happy to contribute, but didn't want to double up on effort if not required.
Regards,
Jordan
The text was updated successfully, but these errors were encountered: