Hi Everybody,
I’m currently struggeling with setting up group authentication within Rancher 1.6.12 using our companys OpenLDAP. So far I have set up everything and I am able to use single users in the system. Since the group of users rises fast I wanted to also use group authentication in Rancher. The only thing I’m struggling with is the setting needed for the “Group Member Mapping Attribute” as our LDAP setup does only have members listed in the groups but does not have an attribute in the member entry pointing to the groups where the member is registered in. So I have to make the matching from the group to valid members. This would not be a problem it the value of the “member” attribute (which I placed into “Group Member User Attribute”) would only contain the login name of the members of the group. In our care it contains something like “uid=”.
I currently have put “uid=${name}” into it but this does not work. So I need to know how to tell rancher to ignore the “uid=” and extract the login from after the equal sign. I thought with ${name} rancher would do that but it does not work. Also ${username} does not do the trick and I cannot find any documentation on what or how to tell rancher to do that.
Does anyone know how I can set this up and have rancher taking the username and ignoring the “uid=” part of the ldap group entry?
I have searched for several days but nothing worked so far. Thanks a lot!