Configure a custom LDAP port

Table of Contents

Mission Portals User settings and preferences provides a radio button encryption. This controls the encryption and the port to connect to.

Ldap Settings

If you want to configure LDAP authentication to use a custom port you can do so via the Status and Setting REST API.

Status and Settings REST API This example shows using jq to preserve the existing settings and update the LDAP port to 3268 and the LDAP SSL port to 3269.

Note: The commands are run as root on the hub, and the hubs self signed certificate is used to connect to the API over https. Authentication is done via a ~/.netrc file as indicated by the --netrc option.

[root@hub ~]# export CACERT="/var/cfengine/httpd/ssl/certs/hub.cert"
[root@hub ~]# export API="https://hub/api/settings"
[root@hub ~]# export CURL="curl --netrc --silent --cacert ${CACERT} ${API}" 
[root@hub ~]# ${CURL} | jq '.data[0] + {"ldapPort": 3268, "ldapPortSSL": 3269}' | ${CURL} -X POST -d @-
[root@hub ~]# $CURL | jq '.data[0]'
{
  "blueHostHorizon": 900,
  "hostIdentifier": "default.sys.fqhost",
  "ldapBaseDN": "dc=cfengine,dc=com",
  "ldapEnabled": true,
  "ldapEncryption": "ssl",
  "ldapFilter": "(objectClass=inetOrgPerson)",
  "ldapHost": "ldap.intra.cfengine.com",
  "ldapLoginAttribute": "uid",
  "ldapPassword": "",
  "ldapPort": 3268,
  "ldapPortSSL": 3269,
  "ldapUsername": "",
  "logLevel": "error",
  "rbacEnabled": true,
  "sketchActivationAlertTimeout": 60
}