Skip to content

Integration with Hashicorp Vault

LDAP server

Before you start

Goal

  • Use credentials from Vault for LDAP authentication.

To configure Altair SLC Hub to use authentication credentials from Vault when it is making connections to the email SMTP server, it is necessary to set the auth.ldap.bindVaultSecret to the path of the secret from which the credentials should be fetched. It is expected that the secret have values called username, password.

Hub supports both the Vault KV secrets engine and the Vault dynamic OpenLDAP secrets engine.

Verify

Verify basic LDAP configuration settings

  • run the hubctl verify ldap

As a final check on the basic LDAP configuration settings, run the following command:

hubctl verify ldap

If the verify is successful the output will look something like the following:

INF Verifying LDAP server connection
INF LDAP connection successfully made and bind performed
INF Listing users returned 500 results
INF Listing groups returned 100 results
INF OK

If there are any errors, revisit the steps above to diagnose what the problem is.