Skip to main content

The Active Directory Authentication section of the Kasten K10 documentation for Helm says that “auth.ldap.bindPWSecretName” is used to reference a secret containing the AD bind DN password but does not specify which key in the referenced secret it uses: https://docs.kasten.io/latest/access/authentication.html#active-directory-authentication

So which key does it use? IMHO the documentation should make this explicit for 2 reasons:

  1. So users don’t have to guess which key to use by trial and error
  2. So users are confident that the key referenced in the Secret remains stable over K10 releases

Hello @donaldleung 

 

So, the password reference is related to the password used for the useraccount specified as the bindDN.

 

auth.ldap.bindDN=user K10 will use to access the Domain

auth.ldap.bindPWSecretName= the user used for bindDN Password, stored as a secret. 

 

If you do not wish to use a secret, you may use auth.ldap.bindPW.

 

Thanks

Emmanuel


Hi @donaldleung 
 
Thank you for reaching out to Veeam Community and Thanks for bringing this to our attention.
 
"bindPW" would be the Key and following command can be used to create the secret. I see its not in our documentation and we will get it updated accordingly under "Bind Password Secret Name" Section.
 
kubectl create secret generic bind-pw-secret --from-litteral=bindPW="password"

 

Bind Password Secret Name
 
Use this helm option to provide the name of the secret that contains the password corresponding to the bindDN for connecting to the AD/LDAP host. This option can be used instead of auth.ldap.bindPW. If both have been configured, then this option overrides auth.ldap.bindPW.
 
--set auth.ldap.bindPWSecretName="bind-pw-secret"
 
Regards
Satish

Comment