https://github.com/canonical/ldap-integrator
A Charmed Integrator used to configure an ldap client charm to use an external ldap service.
https://github.com/canonical/ldap-integrator
charm identity-platform ldap python
Last synced: 4 months ago
JSON representation
A Charmed Integrator used to configure an ldap client charm to use an external ldap service.
- Host: GitHub
- URL: https://github.com/canonical/ldap-integrator
- Owner: canonical
- License: apache-2.0
- Created: 2024-08-29T11:12:35.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2026-02-13T03:44:51.000Z (4 months ago)
- Last Synced: 2026-02-13T12:05:59.230Z (4 months ago)
- Topics: charm, identity-platform, ldap, python
- Language: Python
- Homepage: https://github.com/canonical/ldap-integrator
- Size: 392 KB
- Stars: 0
- Watchers: 3
- Forks: 2
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- Contributing: CONTRIBUTING.md
- License: LICENSE
- Codeowners: CODEOWNERS
- Security: SECURITY.md
Awesome Lists containing this project
README
# ldap-integrator
[](https://charmhub.io/ldap-integrator)
[](https://github.com/juju/juju)
[](https://github.com/canonical/ldap-integrator/blob/main/LICENSE)
[](https://github.com/canonical/ldap-integrator/actions?query=branch%3Amain)
[](https://github.com/pre-commit/pre-commit)
[](https://conventionalcommits.org)
## Description
This charm is an integrator for external LDAP services. It enables client
charms to connect to and authenticate with existing LDAP servers by providing
the necessary LDAP configuration data through Juju integrations.
The LDAP integrator acts as a bridge between your Juju-managed applications
and external LDAP infrastructure.
## Usage
In this section we are going to deploy the
[glauth operator](https://charmhub.io/glauth-k8s) and use the ldap integrator
to connect it to an existing LDAP server.
### Prerequisites
You will need:
- A juju deployment
- An existing LDAP server of your choice and you will need a bind_dn + password
for glauth to use
### Deployment
First you will need to deploy the charms:
```console
juju deploy glauth-k8s --channel edge --trust
juju deploy ldap-integrator --channel edge --trust
juju deploy self-signed-certificates --channel stable --trust
```
### Configuration
Now that we have deployed our charms, we will need to configure ldap-integrator.
First we need to create a juju secret with the bind password:
```console
juju add-secret my-secret password=
```
Now we need to grant access to the secret to the ldap-integrator:
```console
juju grant-secret my-secret ldap-integrator
```
Then you will have to configure the ldap-integrator, eg:
```console
juju config ldap-integrator urls=ldap://path/to/somewhere base_dn=dc=glauth,dc=com bind_dn=cn=user,ou=group,dc=glauth,dc=com bind_password=my-secret
```
**Note:** The `urls` configuration accepts a comma-separated list of LDAP
server URLs. This feature is designed to support **high availability (HA)**
setups by providing failover capability. Multiple URLs should point to
different replicas of the same LDAP server infrastructure (e.g., primary
and backup servers with synchronized data). This is **not** intended for
connecting to multiple independent LDAP servers.
Now you can integrate glauth with ldap-integrator:
```console
juju integrate glauth-k8s ldap-integrator
```
Now glauth will be proxying all ldap requests to your ldap server.
## Security
Please see [SECURITY.md](https://github.com/canonical/ldap-integrator/blob/main/SECURITY.md)
for guidelines on reporting security issues.
## Contributing
Please see the [Juju SDK docs](https://juju.is/docs/sdk) for guidelines on
enhancements to this charm following best practice guidelines,
and [CONTRIBUTING.md](https://github.com/canonical/ldap-integrator/blob/main/CONTRIBUTING.md)
for developer guidance.
## License
The Charmed LDAP Integrator Operator is free software, distributed
under the Apache Software License, version 2.0.
See [LICENSE](https://github.com/canonical/ldap-integrator/blob/main/LICENSE)
for more information.