COUCHBASE-CLI-SETTING-LDAP(1) Couchbase CLI Manual COUCHBASE-CLI-SETTING-LDAP(1)
|
|
NAME
|
couchbase-cli-setting-ldap - Modifies LDAP settings
|
|
SYNOPSIS
|
couchbase-cli setting-ldap [--cluster <url>] [--username <user>]
|
[--password <password>] [--ldap-admins <admins_list>]
|
[--ldap-roadmins <ro_admin_list>] [--ldap-default <default>]
|
[--ldap-enabled <num>]
|
|
DESCRIPTION
|
This command allows users to enable LDAP on their cluster as well as add administrator and read-only administrator LDAP users to their cluster.
|
|
OPTIONS
|
-c, --cluster
|
Specifies the hostname of a node in the cluster. See the HOST FORMATS section for more information on specifying a hostname.
|
|
-u, --user <username>
|
Specifies the username of the user executing the command. If you do not have a user account with permission to execute the command then it will fail with an unauthorized error.
|
|
-p, --password <password>
|
Specifies the password of the user executing the command. If you do not have a user account with permission to execute the command then it will fail with an unauthorized error. If this
|
argument is specified, but no password is given then the command will prompt the user for a password through non-echoed stdin. You may also specify your password by using the environment
|
variable CB_REST_PASSWORD.
|
|
--ldap-admins <admins_list>
|
A list of LDAP users who should have administrator privileges on this cluster. This list should be comma separated if multiple users are being added.
|
|
--ldap-roadmins <ro_admin_list>
|
A list of LDAP users who should have read-only administrator privileges on this cluster. This list should be comma separated if multiple users are being added.
|
|
--ldap-enabled <num>
|
Enables or disables LDAP on this cluster. To enable LDAP set this option to "1". To disable LDAP set this parameter to "0".
|
|
--ldap-default <default>
|
Specifies the default role for LDAP users who have not been explicitly been added to the cluster. This option may be set to "admins", "ro_admins", or "none". If this option is set to
|
"admins" then all LDAP users not explicitly add to this cluster have administrator privileges. If this option is set to "roadmins" then all LDAP users not explicitly add to this cluster
|
have read-only administrator privileges. If this option is set to "none" then all LDAP users not explicitly add to this cluster will have no access. This option default to "none".
|
|
HOST FORMATS
|
When specifying a host for the couchbase-cli command the following formats are expected:
|
|
· couchbase://<addr>
|
|
· <addr>:<port>
|
|
· http://<addr>:<port>
|
|
It is recommended to use the couchbase://<addr> format for standard installations. The other two formats allow an option to take a port number which is needed for non-default installations
|
where the admin port has been set up on a port other that 8091.
|
|
EXAMPLES
|
To enable LDAP on a cluster run the following command.
|
|
$ couchbase-cli setting-ldap -c 192.168.1.5 --username Administrator \
|
--password password --ldap-enabled 1
|
|
To add users alice and barry as Administrators and users clair and daniel as Read-Only Administrators run the following command.
|
|
$ couchbase-cli setting-ldap -c 192.168.1.5 --username Administrator \
|
--password password --ldap-enabled 1 --ldap-admins alice,barry \
|
--ldap-ro-admins clair,daniel
|
|
To enable LDAP and allow all LDAP users to have Amdinistrator access run the following command.
|
|
$ couchbase-cli setting-ldap -c 192.168.1.5 --username Administrator \
|
--password password --ldap-enabled 1 --ldap-default admins
|
|
ENVIRONMENT AND CONFIGURATION VARIABLES
|
CB_REST_USERNAME
|
Specifies the username to use when executing the command. This environment variable allows you to specify a default argument for the -u/--username argument on the command line.
|
|
CB_REST_PASSWORD
|
Specifies the password of the user executing the command. This environment variable allows you to specify a default argument for the -p/--password argument on the command line. It also
|
allows the user to ensure that their password are not cached in their command line history.
|
|
SEE ALSO
|
couchbase-cli-admin-role-manage(1), couchbase-cli-user-manage(1)
|
|
COUCHBASE-CLI
|
Part of the couchbase-cli(1) suite
|
|
AUTHOR
|
Couchbase
|
Build couchbase-server-6.5.0-2078 contains couchbase-cli commit 3808231 with commit message:
MB-32709Merge branch 'alice'