Bug 961414 - LDAP Documentation: users should be discouraged from editing config files and strongly encourage to use katello-configure
LDAP Documentation: users should be discouraged from editing config files and...
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Docs Install Guide (Show other bugs)
Unspecified Unspecified
unspecified Severity medium (vote)
: Unspecified
: 6.0
Assigned To: Dan Macpherson
Dan Macpherson
: Triaged
Depends On:
  Show dependency treegraph
Reported: 2013-05-09 11:03 EDT by Corey Welton
Modified: 2014-09-18 11:36 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2014-04-24 13:07:46 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Corey Welton 2013-05-09 11:03:39 EDT
Description of problem:

The methods for enabling ldap in system engine, as referenced in the documentation are apparently discouraged -- and possibly suspect.


Rather than edit files, per dev folks, we should be encouraging folks to use the method as outlined in katello upstream


In particular:

$> katello-configure --deployment=katello
                     --user-name=[your LDAP login]
                     --ldap-server=[hostname of your ldap server]
                     --ldap-port=[port of your ldap server, default=389]
                     --ldap-server-type=[free_ipa,active_directory,posix, default=posix]
                     --ldap_encryption=[start_tls, default=none]
                     --ldap-users-basedn=[base dn of users, eg ou=People,dc=company,dc=com]
                     --ldap-groups-basedn=[base dn of groups, eg ou=Groups,dc=company,dc=com. default = users basedn]
                     --ldap-anon-queries=[true if your FreeIPA or AD servers allow anonymous queries, default=false]
                     --ldap-service-user=[username of service user for free IPA & active directory. see below. default=empty]
                     --ldap-service-pass=[password of service user from above. default=empty]
                     --ldap-ad-domain=[domain for making AD queries. default=empty]
                     --ldap-roles=[Turns on mode 2 from above. default=false]
Comment 4 Dan Macpherson 2013-09-25 00:43:50 EDT
Verified. Now using CLI method to configure LDAP.
Comment 5 Bryan Kearney 2014-04-24 13:07:46 EDT
This was verified and delivered with MDP2. Closing it out.

Note You need to log in before you can comment on or make changes to this bug.