Bug 961414 - LDAP Documentation: users should be discouraged from editing config files and strongly encouraged to use katello-configure
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Red Hat Satellite
Classification: Red Hat
Component: Docs Install Guide
Version: 6.0.2
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: Unspecified
Assignee: Dan Macpherson
QA Contact: Dan Macpherson
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2013-05-09 15:03 UTC by Corey Welton
Modified: 2019-09-25 21:03 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-04-24 17:07:46 UTC
Target Upstream Version:
Embargoed:


Description Corey Welton 2013-05-09 15:03:39 UTC
Description of problem:

The methods for enabling LDAP in System Engine, as referenced in the documentation, are apparently discouraged -- and possibly suspect.

https://access.redhat.com/site/documentation/en-US/CloudForms/1.1/html-single/Installation_Guide/index.html#Configuring_LDAP_for_CloudForms_System_Engine


Rather than edit files, per dev folks, we should be encouraging folks to use the method as outlined in katello upstream:

https://fedorahosted.org/katello/wiki/LDAP

In particular:

$> katello-configure --deployment=katello
                     --auth-method=ldap
                     --user-name=[your LDAP login]
                     --ldap-server=[hostname of your ldap server]
                     --ldap-port=[port of your ldap server, default=389]
                     --ldap-server-type=[free_ipa,active_directory,posix, default=posix]
                     --ldap_encryption=[start_tls, default=none]
                     --ldap-users-basedn=[base dn of users, eg ou=People,dc=company,dc=com]
                     --ldap-groups-basedn=[base dn of groups, eg ou=Groups,dc=company,dc=com. default = users basedn]
                     --ldap-anon-queries=[true if your FreeIPA or AD servers allow anonymous queries, default=false]
                     --ldap-service-user=[username of service user for free IPA & active directory. see below. default=empty]
                     --ldap-service-pass=[password of service user from above. default=empty]
                     --ldap-ad-domain=[domain for making AD queries. default=empty]
                     --ldap-roles=[Turns on mode 2 from above. default=false]

Comment 4 Dan Macpherson 2013-09-25 04:43:50 UTC
Verified. Now using CLI method to configure LDAP.

Comment 5 Bryan Kearney 2014-04-24 17:07:46 UTC
This was verified and delivered with MDP2. Closing it out.
