You’ve got a new shiny toy and you want to share it with everyone in your organization. You ask your vendor, “Do you support LDAP?” and they quietly reply, “It’s on our roadmap” before shrinking into the floor beneath them.

Role-Based Access Control (RBAC), SAML, and LDAP integration are fundamental security capabilities for enabling Continuous Delivery. Without them you’ve got a manual world of pain for enabling user authentication and authorization in your org.

Harness shipped RBAC and SAML support back in March 2018, and today, we’re shipping LDAP integration.

Configuring for Authentication

Go to Continuous Security > Access Management

LDAP Access Management


Now, collapse Single Sign-On (SSO) Provider Setup and select LDAP from the dropdown menu.

SSO - LDAP


Now, enter your LDAP Connection, User and Group query information, and click Test Connection.

LDAP Configuration


You should see the following message if everything is good:

Test Connection - Success!


Your LDAP provider is now fully configured with Harness. If you want to enable it for user authentication check the checkbox here:

User Authentication Checkbox


Click confirm and Harness will now use your LDAP provider for user authentication.

Change SSO Provider


Note: You don’t have to use LDAP for authentication, you can either native Harness authentication or you can use your own SAML provider like OKTA. The choice is yours 🙂

Configuring for Authorization

User groups within Harness allow admins to govern which users are authorized to perform a set of actions across a set of entities (apps, services, environments, workflows, pipelines, triggers, etc.).

For example, you might want a centralized DevOps team to create and manage deployment workflow templates and pipelines, but you want each respective development team to only execute those workflows/pipelines with their specific set of services and environments.

With our new LDAP support its possible to map and sync User Groups between Harness and your LDAP provider.

Go to Continuous Security > Users and Permissions

Users and Permissions


Click Create User Group and enter the name.

Enter User Group Name


Now Click Link to External Directory.

Link Group


Within the next dialogue you should be able to use a simple search query to find the correct LDAP user group to map, simply click Link Group and you’re done.

Link Group Dialogue - LDAP

Harness will now sync all the users in that user group automatically and will manage user authorization accordingly. It’s really that easy!

User Group - Synced - LDAP

2-Minute Integration Video:

You can get started today with a free trial of Harness.

Cheers,
Steve.
@BurtonSays