Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

adding ldap users into a project in Harbor workflow is not intuitive #954

Closed
mobla opened this issue Oct 27, 2016 · 6 comments
Closed

adding ldap users into a project in Harbor workflow is not intuitive #954

mobla opened this issue Oct 27, 2016 · 6 comments
Labels
area/standalone-ova kind/limitation

Comments

@mobla
Copy link

mobla commented Oct 27, 2016

1)Version of docker engine and docker-compose - Harbor OVA 0.4.1.0
2)Config files of harbor, you can get them by packaging "Deploy/config" directory - attached
3)Log files, you can get them by the /var/log/harbor/ - attached

Live Harbor: 10.139.23.220 (ssh enabled),
SSH: creds: root/VMware123!
UI: admin/Harbor12345

I have tried configuring with 2 or 3 LDAP servers and always I see this in docker_ui.log
"Current AUTH_MODE is db_auth". Not sure what am doing wrong!

Logs:
2016-20-27.tar.gz
2016-20-26.tar.gz

Config: config.tar.gz

Attached the screenshot of LDAP configs.
harbor-ldap
@ywk253100
Copy link
Contributor

I have checked your environment, it works well. The user "admin" is reserved for managing Harbor and his authentication is done using database whether the auth_mode is db or ldap. So if you login with a LDAP user, you will get the "ldap_auth" in the logs.

@mobla
Copy link
Author

mobla commented Oct 27, 2016
edited
Loading

I have to login as admin (db user) and add AD/LDAP users to the project right?

@reasonerjt
Copy link
Contributor

As we discussed, you need to first use the ldap user to login and then you can use admin to add that user. I agree this workflow is not intuitive for now.

@mobla
Copy link
Author

mobla commented Oct 27, 2016

Workflow is little confusing to me. Let;s check with others and can improve..

  1. Deploy Harbor OVA - during ovf deploy, configure LDAP auth (with ldap info)
    At this point, my assumption was Harbor is configured with LDAP_Auth and not DB_Auth :-)
  2. Post deployment, powered in (DHCP IP)
  3. Login using seed admin (local db user) to create project and add LDAP - I thought so!
  4. But if we login as admin (local db user), system uses DB_Auth and doesn't let add LDAP users
  5. Learnt that I have to login as say AD/LDAP admin user to add other Ldap users under a project in Harbor!

@mobla mobla changed the title Not able configure ldap_auth with Harbor OVA0.4.1.0 Not able to configure ldap_auth with Harbor OVA0.4.1.0 Oct 27, 2016
@mobla mobla changed the title Not able to configure ldap_auth with Harbor OVA0.4.1.0 adding ldap users into a project in Harbor workflow is not intuitive Nov 2, 2016
@stale
Copy link

stale bot commented Oct 7, 2018

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the Stale label Oct 7, 2018
@stale stale bot removed the Stale label Oct 9, 2018
@reasonerjt
Copy link
Contributor

This is no longer valid as the standalone .ova will not be supported.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/standalone-ova kind/limitation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@reasonerjt @mobla @ywk253100