$ gadmin --configure ldap
# Enable LDAP authentication: default false
security.ldap.enable [False]: true
# Configure LDAP server hostname: default localhost
security.ldap.host [ldap.tigergraph.com]: ldap.tigergraph.com
# Configure LDAP server port: default 389
security.ldap.port [389]: 389
# Configure LDAP search base DN, the root node to start the LDAP search for user authentication: must specify
security.ldap.base_dn [dc=tigergraph,dc=com]: dc=tigergraph,dc=com
# Configure LDAP search base DN, the root node to start the LDAP search for user authentication.
security.ldap.search_filter [(objectClass=*)]:
# Configure the username attribute name in LDAP server: default uid
security.ldap.username_attribute [uid]: uid
# Configure the DN of LDAP user who has read access to the base DN specified above. Empty if everyone has read access to LDAP data: default empty
security.ldap.admin_dn [cn=Manager,dc=tigergraph,dc=com]: cn=Manager,dc=tigergraph,dc=com
cn=Manager,dc=tigergraph,dc=com
# Configure the password of the admin DN specified above. Needed only when admin_dn is specified: default empty
security.ldap.admin_password [secret]: secret
# Enable SSL/StartTLS for LDAP connection [none/ssl/starttls]: default none
security.ldap.secure.protocol [starttls]: none
# Configure the truststore path for the certificates used in SSL: default empty
security.ldap.secure.truststore_path [/tmp/ca_server.pkcs12]:
# Configure the truststore format [JKS/PKCS12]: default JKS
security.ldap.secure.truststore_format [pkcs12]:
# Configure the truststore password: default changeit
security.ldap.secure.truststore_password [test]:
# Configure to trust all LDAP servers (unsafe): default false
security.ldap.secure.trust_all [False]: false