You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Being a big organization, we have multiple OUs in Active Directory. An example is as follow:
"CN={USERID},OU=SRE,OU=Technology,OU=xyzIN,OU=User,DC=xyz,DC=com"
"CN={USERID},OU=Security,OU=Technology,OU=xyzIN,OU=User,DC=xyz,DC=com"
"CN={USERID},OU=Team1,OU=Technology,OU=xyzIN,OU=User,DC=xyz,DC=com"
"CN={USERID},OU=Team2,OU=Technology,OU=xyzIN,OU=User,DC=xyz,DC=com"
...
"CN={USERID},OU=TeamN,OU=Technology,OU=xyzIN,OU=User,DC=xyz,DC=com"
Now, we want to give access to all the users that are in "Technology" OU. I am not able to do it. Below is the config for ldap:
There is no solution at the moment. We'd welcome community contributions to maintain the LDAP auth feature. This feature was originally contributed by the community; the hope is the community that finds this useful will continue to maintain it and improve it.
We are in the process of putting together an OpenID integration which may be able to help those people where the current LDAP integration is lacking. You could wrap the LDAP within an OpenID integration and use that for Kiali logins. See: #2056 and #2798
Hi @enthurohini,
Unfortunately, the LDAP implementation in Kiali is being deprecated and will no longer be maintained. So, I'm clossing this ticket -- sorry for the inconvenience.
The LDAP authentication was contributed by a community user who hasn't been replying and this is our main motivation for its deprecation and future removal.
In turn, in Kiali v1.19 (to be released today) a new openid authentication strategy has been implemented. Our recommendation is that you use an OpenID connect provider that has support for LDAP (like Keycloak or Dex, which will offer much more robust LDAP implementation than what we could offer in Kiali)
LDAP integration issue with multiple OUs
Being a big organization, we have multiple OUs in Active Directory. An example is as follow:
"CN={USERID},OU=SRE,OU=Technology,OU=xyzIN,OU=User,DC=xyz,DC=com"
"CN={USERID},OU=Security,OU=Technology,OU=xyzIN,OU=User,DC=xyz,DC=com"
"CN={USERID},OU=Team1,OU=Technology,OU=xyzIN,OU=User,DC=xyz,DC=com"
"CN={USERID},OU=Team2,OU=Technology,OU=xyzIN,OU=User,DC=xyz,DC=com"
...
"CN={USERID},OU=TeamN,OU=Technology,OU=xyzIN,OU=User,DC=xyz,DC=com"
Now, we want to give access to all the users that are in "Technology" OU. I am not able to do it. Below is the config for ldap:
Please help.
Versions used
Kiali: v1.4.2
Istio: 1.3.3
Kubernetes flavour and version: On premise kubernestes v1.15.5
Expected behavior
It should work with the above config and should be able to consider all the users falls in the Technology OU like SRE, Security etc.
The text was updated successfully, but these errors were encountered: