Automated installation of TFE with LDAP authentication requires the configuration of two files:
1. Replicated config: /etc/replicated.conf, where you can set "DaemonAuthenticationType": "ldap"
Config example:
{
  "DaemonAuthenticationType": "ldap",
  "ImportSettingsFrom": "/etc/ptfe-settings.conf",
  "LicenseFileLocation": "/tmp/license.rli",
  "LogLevel": "debug",
  "ReleaseSequence": 123,
  "TlsBootstrapType": "server-path",
  "TlsBootstrapHostname": "server.company.com",
  "TlsBootstrapCert": "/etc/server.crt",
  "TlsBootstrapKey": "/etc/server.key"
}
2. Terraform Enterprise config: /etc/ptfe-settings.json, which is imported during the installation process.
Here you can set the LDAP parameters:
"ldap_hostname": {
  "value": ""
},
"ldap_port": {
  "value": ""
},
"label_encryption_label": {
  "value": ""
},
"ldap_encryption": {
  "value": ""
},
"ldap_search_user": {
  "value": ""
},
"ldap_search_password": {
  "value": ""
},
"ldap_schema": {
  "value": ""
},
"ldap_base_dn": {
  "value": ""
},
"ldap_usersearch_dn": {
  "value": ""
},
"ldap_advanced_search": {
  "value": ""
},
"ldap_restricted_user_group": {
  "value": ""
},
"ldap_user_query": {
  "value": ""
},
"ldap_restricted_group_query": {
  "value": ""
},
"ldap_username_field": {
  "value": ""
},
"ldap_login_username": {
  "value": ""
},
"ldap_login_password": {
  "value": ""
}
The Terraform Enterprise installer reads /etc/replicated.conf first, and then imports settings from the file specified in the parameter "ImportSettingsFrom": "/etc/ptfe-settings.conf".
You can get the LDAP settings from your current Terraform Enterprise instance by using the command replicatedctl app-config export --hidden
For additional reference you can check our upstream vendor for replicated: https://help.replicated.com/docs/native/customer-installations/automating/
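A pre-flight check for the two files described above, as an added example that is not part of the original article or of the Replicated or Terraform Enterprise tooling. It confirms that the daemon config selects LDAP, that the ImportSettingsFrom path points at a file that actually exists, that each settings entry has the {"value": ...} shape, and that a settings file holding LDAP passwords is not accessible beyond its owner. The function name check_ldap_install, the REQUIRED key list and the owner-only permission expectation are assumptions of this example.

```python
import json, os, stat, sys, tempfile

# Assumption: keys this check treats as mandatory; adjust to your directory.
REQUIRED = ("ldap_hostname", "ldap_port", "ldap_base_dn",
            "ldap_search_user", "ldap_search_password")
SECRETS = ("ldap_search_password", "ldap_login_password")

def _value(settings, key):
    entry = settings.get(key)
    return entry.get("value") if isinstance(entry, dict) else None

def check_ldap_install(replicated_conf):
    """Return a list of problems found in the two installer files."""
    with open(replicated_conf) as fh:
        daemon = json.load(fh)
    problems = []
    if daemon.get("DaemonAuthenticationType") != "ldap":
        problems.append("DaemonAuthenticationType is not 'ldap'")
    path = daemon.get("ImportSettingsFrom")
    if not path or not os.path.isfile(path):
        # Catches a settings file saved under a different name or extension.
        return problems + [f"ImportSettingsFrom target missing: {path}"]
    with open(path) as fh:
        settings = json.load(fh)
    for key, entry in settings.items():
        if not (isinstance(entry, dict) and "value" in entry):
            problems.append(f'{key}: entry is not {{"value": ...}}')
    problems += [f"{k}: empty or absent" for k in REQUIRED if not _value(settings, k)]
    # The settings file carries bind credentials; it should be owner-only.
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077 and any(_value(settings, k) for k in SECRETS):
        problems.append(f"{path}: mode {mode:o} is accessible beyond the owner")
    return problems

if __name__ == "__main__":
    if len(sys.argv) > 1:
        found = check_ldap_install(sys.argv[1])
    else:  # constructed sample files, not real settings
        d = tempfile.mkdtemp()
        s, r = os.path.join(d, "ptfe-settings.conf"), os.path.join(d, "replicated.conf")
        with open(s, "w") as fh:
            json.dump({"ldap_hostname": {"value": "ldap.example.test"},
                       "ldap_search_password": {"value": "constructed"}}, fh)
        os.chmod(s, 0o644)
        with open(r, "w") as fh:
            json.dump({"DaemonAuthenticationType": "ldap", "ImportSettingsFrom": s}, fh)
        found = check_ldap_install(r)
    print("\n".join(found) or "no problems found")
```

Run it with the path to replicated.conf as the only argument before starting the installer; with no argument it runs against the constructed sample files.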