You’ve got a new shiny toy and you want to share it with everyone in your organization. You ask your vendor, “Do you support LDAP?” and they quietly reply, “It’s on our roadmap” before shrinking into the floor beneath them.
Role-Based Access Control (RBAC), SAML, and LDAP integration are fundamental security capabilities for enabling Continuous Delivery. Without them you’ve got a manual world of pain for enabling user authentication and authorization in your org.
Harness shipped RBAC and SAML support back in March 2018, and today, we’re shipping LDAP integration.
Configuring for Authentication
Go to Continuous Security > Access Management
Now, collapse Single Sign-On (SSO) Provider Setup and select LDAP from the dropdown menu.
Now, enter your LDAP Connection, User and Group query information, and click Test Connection.
You should see the following message if everything is good:
Your LDAP provider is now fully configured with Harness. If you want to enable it for user authentication check the checkbox here:
Click confirm and Harness will now use your LDAP provider for user authentication.
Note: You don’t have to use LDAP for authentication, you can either native Harness authentication or you can use your own SAML provider like OKTA. The choice is yours 🙂
Configuring for Authorization
User groups within Harness allow admins to govern which users are authorized to perform a set of actions across a set of entities (apps, services, environments, workflows, pipelines, triggers, etc.).
For example, you might want a centralized DevOps team to create and manage deployment workflow templates and pipelines, but you want each respective development team to only execute those workflows/pipelines with their specific set of services and environments.
With our new LDAP support its possible to map and sync User Groups between Harness and your LDAP provider.
Go to Continuous Security > Users and Permissions
Click Create User Group and enter the name.
Now Click Link to External Directory.
Within the next dialogue you should be able to use a simple search query to find the correct LDAP user group to map, simply click Link Group and you’re done.
Harness will now sync all the users in that user group automatically and will manage user authorization accordingly. It’s really that easy!
2-Minute Integration Video:
You can get started today with a free trial of Harness.