After installing Harbor registry server, the next action is probably proper user management. The standard user Authentication method in most companies is LDAP/AD. It is not justified to manage a separate user database for Harbor authentication if you have LDAP server in use.

This guide will discuss how you can configure LDAP backend as a database for user authentication in harbor. The pre-requisites for this setup are:

In my setup, I use FreeIPA Identity Management platform. For Windows Active directory, refer to:

Configure Active Directory (AD) Authentication for Harbor Registry

Installation guides are available on our website.

How to Install FreeIPA Server on CentOS 7

How to Install and Configure FreeIPA Server on RHEL / CentOS 8

How to Install and Configure FreeIPA Server on Ubuntu 18.04 / Ubuntu 16.04

Step 1: Create Bind User on LDAP

Access your LDAP server and create a user account that will be used on Harbor to bind to the server.

harbor ldap integration 01

Step 2: Configure LDAP Authentication on Harbor

Now access Harbor admin dashboard and navigate to Administration > Configuration > Authentication

Change your settings like below.

Auth Mode: LDAP
LDAP Search DN: uid=service,cn=users,cn=accounts,dc=example,dc=com
LDAP Search Password: LDAP-Bind-User-Password
LDAP Base DN: cn=users,cn=accounts,dc=example,dc=com

And other values e.g for Group to suit your environment and desired authentication model. In my configuration, I’ve set:

Auth Mode: Set authentication mode to LDAP
LDAP Search DN: DN for user with permissions to search LDAP server.
LDAP Search Password: Search user password
LDAP Base DN: The base DN from which to lookup a user
LDAP UID: Attribute used in a search to match a user

When done, click “TEST LDAP SERVER” button to validate settings.

harbor ldap integration 02

If the connection is successful, you’ll get this message.

harbor ldap integration 03

Test login on Harbor web portal to confirm users on LDAP can access the service.

harbor ldap integration 04

Input LDAP username and password to access Harbor dashboard.

harbor ldap integration 05

You need to authenticate to access Harbor registry on Docker machine.

$ docker login
Authenticating with existing credentials...
Existing credentials are invalid, please enter valid username and password
Username: computingforgeeks
Password: <LDAPPassword>
Login Succeeded!

We have confirmed we can access Harbor resources with LDAP credentials.

Your support is our everlasting motivation,
that cup of coffee is what keeps us going!

As we continue to grow, we would wish to reach and impact more people who visit and take advantage of the guides we have on our blog. This is a big task for us and we are so far extremely grateful for the kind people who have shown amazing support for our work over the time we have been online.

Thank You for your support as we work to give you the best of guides and articles. Click below to buy us a coffee.


Please enter your comment!
Please enter your name here