Configure Mission Control to use LDAP for authentication

Mission Control supports authentication through OpenID Connect (OIDC) and LDAP. This topic describes configuring LDAP authentication within Mission Control. See Configuring OIDC for the other supported authentication protocol.


Configure Mission Control to use LDAP for authentication

  1. Port-forward to the admin console:

    kubectl kots admin-console
  2. Navigate to (password admin) and edit the Mission Control configuration to enable the LDAP connector, providing your environment’s LDAP information:

    • Host ldap.default:389

    • no SSL true

    • Bind DN cn=admin,dc=example,dc=org

    • Bind password Not@SecurePassw0rd

    • User base DN ou=users,dc=example,dc=org

    • User filter (objectClass=inetOrgPerson)

    • Username attribute cn

    • User id attribute uidNumber

    • User email attribute cn (using this because the default schema does not have an email field)

    • User display name attribute cn

    • Preferred username attribute cn

    • Group base DN ou=users,dc=example,dc=org

    • Group filter (objectClass=groupOfNames)

    • Group user matcher

      • - userAttr: dn

      • groupAttr: member

    • Group name attribute cn

  3. Deploy the new configuration.

Test the connection

  1. Navigate to the Mission Control UI and try to connect with LDAP and one of the test users, for example, user01 / password01.

  2. You can also remove the admin user in the Mission Control configuration (by unchecking the Create a temporary admin user selection box), and the connect with email option should no longer be available.

Was this helpful?

Give Feedback

How can we improve the documentation?

© 2024 DataStax | Privacy policy | Terms of use

Apache, Apache Cassandra, Cassandra, Apache Tomcat, Tomcat, Apache Lucene, Apache Solr, Apache Hadoop, Hadoop, Apache Pulsar, Pulsar, Apache Spark, Spark, Apache TinkerPop, TinkerPop, Apache Kafka and Kafka are either registered trademarks or trademarks of the Apache Software Foundation or its subsidiaries in Canada, the United States and/or other countries. Kubernetes is the registered trademark of the Linux Foundation.

General Inquiries: +1 (650) 389-6000,