docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Delete enable-ldap-config-file.html

This commit is contained in:
David Deyo 2018-10-15 13:48:09 -07:00 committed by GitHub
parent 3980d971a4
commit e4201ef28c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 0 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

68
ee/ucp/admin/configure/_site/external-auth/enable-ldap-config-file.html
View File

@ -1,68 +0,0 @@
<p>Docker UCP integrates with LDAP directory services, so that you can manage
users and groups from your organizations directory and automatically
propagate this information to UCP and DTR. You can set up your clusters LDAP
configuration by using the UCP web UI, or you can use a
<a href="../ucp-configuration-file.md">UCP configuration file</a>.</p>
<p>To see an example TOML config file that shows how to configure UCP settings,
run UCP with the <code class="highlighter-rouge">example-config</code> option.
<a href="../ucp-configuration-file.md">Learn about UCP configuration files</a>.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code>docker container run <span class="nt">--rm</span> /: example-config
</code></pre></div></div>
<h2 id="set-up-ldap-by-using-a-configuration-file">Set up LDAP by using a configuration file</h2>
<ol>
<li>
<p>Use the following command to extract the name of the currently active
configuration from the <code class="highlighter-rouge">ucp-agent</code> service.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code>
<span class="nv">$ CURRENT_CONFIG_NAME</span><span class="o">=</span><span class="k">$(</span>docker service inspect <span class="nt">--format</span> <span class="s1">'{{ range $config := .Spec.TaskTemplate.ContainerSpec.Configs }}{{ $config.ConfigName }}{{ "\n" }}{{ end }}'</span> ucp-agent | <span class="nb">grep</span> <span class="s1">'com.docker.ucp.config-'</span><span class="k">)</span>
</code></pre></div> </div>
</li>
<li>
<p>Get the current configuration and save it to a TOML file.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code>
docker config inspect <span class="nt">--format</span> <span class="s1">'{{ printf "%s" .Spec.Data }}'</span> <span class="nv">$CURRENT_CONFIG_NAME</span> <span class="o">&gt;</span> config.toml
</code></pre></div> </div>
</li>
<li>
<p>Use the output of the <code class="highlighter-rouge">example-config</code> command as a guide to edit your
<code class="highlighter-rouge">config.toml</code> file. Under the <code class="highlighter-rouge">[auth]</code> sections, set <code class="highlighter-rouge">backend = "ldap"</code>
and <code class="highlighter-rouge">[auth.ldap]</code> to configure LDAP integration the way you want.</p>
</li>
<li>
<p>Once youve finished editing your <code class="highlighter-rouge">config.toml</code> file, create a new Docker
Config object by using the following command.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code><span class="nv">NEW_CONFIG_NAME</span><span class="o">=</span><span class="s2">"com.docker.ucp.config-</span><span class="k">$((</span> <span class="k">$(</span>cut <span class="nt">-d</span> <span class="s1">'-'</span> <span class="nt">-f</span> 2 <span class="o">&lt;&lt;&lt;</span> <span class="s2">"</span><span class="nv">$CURRENT_CONFIG_NAME</span><span class="s2">"</span><span class="k">)</span> <span class="o">+</span> <span class="m">1</span> <span class="k">))</span><span class="s2">"</span>
docker config create <span class="nv">$NEW_CONFIG_NAME</span> config.toml
</code></pre></div> </div>
</li>
<li>
<p>Update the <code class="highlighter-rouge">ucp-agent</code> service to remove the reference to the old config
and add a reference to the new config.</p>
<div class="language-bash highlighter-rouge"><div class="highlight"><pre class="highlight"><code>docker service update <span class="nt">--config-rm</span> <span class="s2">"</span><span class="nv">$CURRENT_CONFIG_NAME</span><span class="s2">"</span> <span class="nt">--config-add</span> <span class="s2">"source=</span><span class="k">${</span><span class="nv">NEW_CONFIG_NAME</span><span class="k">}</span><span class="s2">,target=/etc/ucp/ucp.toml"</span> ucp-agent
</code></pre></div> </div>
</li>
<li>
<p>Wait a few moments for the <code class="highlighter-rouge">ucp-agent</code> service tasks to update across
your cluster. If you set <code class="highlighter-rouge">jit_user_provisioning = true</code> in the LDAP
configuration, users matching any of your specified search queries will
have their accounts created when they log in with their username and LDAP
password.</p>
</li>
</ol>
<h2 id="where-to-go-next">Where to go next</h2>
<ul>
<li><a href="../../../authorization/create-users-and-teams-manually.md">Create users and teams manually</a></li>
<li><a href="../../../authorization/create-teams-with-ldap.md">Create teams with LDAP</a></li>
</ul>