Skip to content

manage-ldap

This command is used to configure and manage the LDAP / Active Directory configuration on the VM Squared cluster.

```
VMsquared:vmsquared\dashboard> manage-ldap

Configuration Creation
----------------------
1) Create new AD configuration with wizard
2) Create new AD configuration
3) Create new LDAP configuration
4) Quit

Please select [1-4]:
```

AD configuration with wizard

Active Directory is configured on VM Squared through the dashboard console. This guide illustrates the use of the AD configuration wizard to create and test the configuration file prior to it being applied to the VM Squared cluster.

  1. SSH onto the VM Squared dashboard console and run the manage-ldap command

    VMsquared:vmsquared\dashboard> manage-ldap

Configuration Creation
----------------------
1) Create new AD configuration with wizard
2) Create new AD configuration
3) Create new LDAP configuration
4) Quit

Please select [1-4]:

  2. Select option 1 to create a new AD configuration with the wizard, and hit enter.

    VMsquared:vmsquared\dashboard> manage-ldap

Configuration Creation
----------------------
1) Create new AD configuration with wizard
2) Create new AD configuration
3) Create new LDAP configuration
4) Quit

Please select [1-4]: 1

  3. Enter the hostname or IP address of a domain controller accessible by the dashboard.

    Enter hostname or address of the AD server: X.X.X.X

  4. Enter the username of the bind account that has permissions to read AD objects in the format of "username@domain", followed by its password.

    Enter username for the AD authentication account (eg. username@domain): bind-user@test-labs.sa.test.com
Enter the password of the AD authentication account: S3cur3Password!

  5. Enter the base distinguished name to search for target users and groups, for the example above:

    Enter the Base Distinguished Name of where to search for users (eg. cn=users,dc=domain,dc=com): DC=TEST-LABS,DC=sa,DC=test,DC=com

  6. Enter the distinguished name of the security group you wish to use, for the example above: CN=normal-users,OU=Groups,OU=TEST-LABS,DC=TEST-LABS,DC=sa,DC=test,DC=com

    Enter the Distinguished name of the AD group you wish to map from (eg. cn=normal-users,ou=groups,dc=domain,dc=com): CN=normal-users,OU=Groups,OU=TEST-LABS,DC=TEST-LABS,DC=sa,DC=test,DC=com

  7. Select the group in the dashboard (or create a new one) to which you wish to map the AD group

    test group to map to
------------------------
1) users
2) admin
3) Create new test group

Please select [1-3]: 1

  8. You may add additional mappings at this time if desired, but if you are only adding one group, select n and hit enter

    Add further group mappings? (y/n): n

  9. At this time, you can choose to test the configuration by selecting the Test option and entering the credentials of a user that exists in the security group selected previously.

    Configuration Management
------------------------
1) Edit configuration
2) Delete configuration
3) Group Mappings ...
4) Test
5) Commit changes
6) Quit

Please select [1-6]: 4
Enter the username: normal-user
Enter the password: N0rmalUs3r!

Trying LDAP server 'server1'
'normal-user' (CN=Normal%20User,OU=Users,OU=TEST-LABS,DC=TEST-LABS,DC=sa,DC=test,DC=com) => groups: 0
Success

  10. Once the test is successful, commit the changes to save the configuration.

    Configuration Management
------------------------
1) Edit configuration
2) Delete configuration
3) Group Mappings ...
4) Test
5) Commit changes
6) Quit

Please select [1-6]: 5
Committed

  11. Once changes have been committed, select Quit.

    Configuration Management
------------------------
1) Edit configuration
2) Delete configuration
3) Group Mappings ...
4) Test
5) Commit changes
6) Quit

Please select [1-6]: 6
VMsquared:vmsquared\dashboard>

At this point Active Directory has been enabled on the VM Squared cluster.

AD (configuration file)

  1. Connect to the dashboard via SSH and run the manage-ldap command.

    VMsquared:vm2\dashboard> manage-ldap

Configuration Creation
----------------------
1) Create new AD configuration with wizard
2) Create new AD configuration
3) Create new LDAP configuration
4) Quit

Please select [1-4]:

  2. Select the "Create new AD configuration" option

    Configuration Creation
----------------------
1) Create new AD configuration with wizard
2) Create new AD configuration
3) Create new LDAP configuration
4) Quit

Please select [1-4]: 2

  3. A sample file will be opened in a text editor. Change the necessary values to reflect the AD domain and domain controller you wish to authenticate against.

  4. Save your changes with CTRL + S, and then exit the editor with CTRL + Q

  5. At the configuration management menu, select the option for Group Mappings, and either edit the existing mapping.yaml file or create your own new file.

    Configuration Management
------------------------
1) Edit configuration
2) Delete configuration
3) Group Mappings ...
4) Test
5) Commit changes
6) Quit

Please select [1-6]: 3

Group Mappings
--------------
1) Create new mapping file
2) Edit mapping.yaml
3) Delete mapping.yaml
4) Back ...
5) Quit

Please select [1-5]: 2

  6. Once you've added the mapping(s), save your changes with CTRL + S, and then exit the editor with CTRL + Q

  7. At the Group Mappings menu, select the option to go Back, and then commit your changes at the Configuration Management Menu

    Group Mappings
--------------
1) Create new mapping file
2) Edit mapping.yaml
3) Delete mapping.yaml
4) Back ...
5) Quit

Please select [1-5]: 4

Configuration Management
------------------------
1) Edit configuration
2) Delete configuration
3) Group Mappings ...
4) Test
5) Commit changes
6) Quit

Please select [1-6]: 5
Committed

  8. At this time, you can choose to test the configuration by selecting the Test option and entering the credentials of a user that exists in the security group selected previously.

Configuration Management
------------------------
1) Edit configuration
2) Delete configuration
3) Group Mappings ...
4) Test
5) Commit changes
6) Quit

Please select [1-6]: 4
Enter the username: normal-user
Enter the password: N0rmalUs3r!

Trying LDAP server 'server1'
'normal-user' (CN=Normal%20User,OU=Users,OU=TEST-LABS,DC=TEST-LABS,DC=sa,DC=test,DC=com) => groups: 0
Success

At this point Active Directory has been enabled on the VM Squared cluster.

LDAP (configuration file)

  1. Connect to the dashboard via SSH and run the manage-ldap command.

    VMsquared:vm2\dashboard> manage-ldap

Configuration Creation
----------------------
1) Create new AD configuration with wizard
2) Create new AD configuration
3) Create new LDAP configuration
4) Quit

Please select [1-4]:

  2. Select the "Create new LDAP configuration" option

    Configuration Creation
----------------------
1) Create new AD configuration with wizard
2) Create new AD configuration
3) Create new LDAP configuration
4) Quit

Please select [1-4]: 3

  3. A sample file will be opened in a text editor. Change the necessary values to reflect the configuration and server you wish to authenticate against.

  4. Save your changes with CTRL + S, and then exit the editor with CTRL + Q

  5. At the configuration management menu, select the option for Group Mappings, and either edit the existing mapping.yaml file or create your own new file.

    Configuration Management
------------------------
1) Edit configuration
2) Delete configuration
3) Group Mappings ...
4) Test
5) Commit changes
6) Quit

Please select [1-6]: 3

Group Mappings
--------------
1) Create new mapping file
2) Edit mapping.yaml
3) Delete mapping.yaml
4) Back ...
5) Quit

Please select [1-5]: 2

  6. Once you've added the mapping(s), save your changes with CTRL + S, and then exit the editor with CTRL + Q

  7. At the Group Mappings menu, select the option to go Back, and then commit your changes at the Configuration Management Menu

    Group Mappings
--------------
1) Create new mapping file
2) Edit mapping.yaml
3) Delete mapping.yaml
4) Back ...
5) Quit

Please select [1-5]: 4

Configuration Management
------------------------
1) Edit configuration
2) Delete configuration
3) Group Mappings ...
4) Test
5) Commit changes
6) Quit

Please select [1-6]: 5
Committed

  8. At this time, you can choose to test the configuration by selecting the Test option and entering the credentials of a user that exists in the security group selected previously.

    Configuration Management
------------------------
1) Edit configuration
2) Delete configuration
3) Group Mappings ...
4) Test
5) Commit changes
6) Quit

Please select [1-6]: 4
Enter the username: normal-user
Enter the password: N0rmalUs3r!

Trying LDAP server 'server1'
'normal-user' (CN=Normal%20User,OU=Users,OU=TEST-LABS,DC=TEST-LABS,DC=sa,DC=test,DC=com) => groups: 0
Success

At this point LDAP has been enabled on the VM Squared cluster.