On This Page
Configure LDAP Vendor Attributes for SecureTrack
The configure_ldap_vendor_configuration
script is used to configure the LDAP vendor attributes.
You can:
- Create a new vendor and add the relevant attributes.
- Customize the attributes for an existing LDAP vendor.
You can create a shell file with a list of commands, where each command configures a different attribute.
Syntax
The add_or_update
action:
- Creates the specified vendor if it does not exist and adds the specified attribute.
- Creates the specified attribute for an existing vendor.
-
Updates a value for an existing vendor.
kubectl exec -it deploy/keycloak-service -c keycloak-service -- manage_keycloak -r set_ldap_configuration -v '<vendor_name>' -a 'add_or_update' --attr_objective '<attr_objective>' --attr_name '<attr_name>' --attr_type '<attr_type>'
kubectl exec -it deploy/keycloak-service -c keycloak-service -- manage_keycloak -r set_ldap_configuration -v '<vendor_name>' -a 'add_or_update' --attr_objective '<attr_objective>' --attr_name '<attr_name>' --attr_type '<attr_type>'
Supported Arguments
Argument |
Description |
---|---|
|
|
|
The vendor name that is displayed in SecureTrack: Settings > Configuration > External Authentication > LDAP Authentication > Server Type |
|
An attribute from the list of LDAP server attributes |
|
The name of the LDAP server field that corresponds to the attr_objective |
|
Supported attribute types:
|
Sample Code
-
For the Active Directory vendor, update the mail attribute name to the string "mail":
kubectl exec -it deploy/keycloak-service -c keycloak-service -- manage_keycloak -r set_ldap_configuration -v 'Active Directory' -a 'add_or_update' --attr_objective 'mailAttributeName' --attr_name 'mail' --attr_type 'string'
kubectl exec -it deploy/keycloak-service -c keycloak-service -- manage_keycloak -r set_ldap_configuration -v 'Active Directory' -a 'add_or_update' --attr_objective 'mailAttributeName' --attr_name 'mail' --attr_type 'string'