Live Workshop: Integrate Google SecOps with Bindplane - Join Us on January 29th at 11 AM ET!Sign Up Now

Changing BindPlane OP Authentication Type

Migrate BindPlane OP Auth type between System, LDAP or Active Directory

Using the CLI, you can migrate your authentication type that BindPlane OP uses from System, LDAP or Active Directory.

Migrating between Authentication Types in BindPlane OP

Prerequisites

The BindPlane OP free edition license does not include LDAP or Active Directory authentication types. More information on version comparisons can be found here as well as requesting a trial license.

Backup existing environment

The first step in any major change to your BindPlane OP instance is to back up your current settings and environment. This is an important step for disaster recover and should be performed before any major changes to your environment. The latest backup instructions can be found here.

You will also want to back up your configuration file located at /etc/bindplane/config.yaml which will contain the system authentication username and password should you want to switch back to system auth.

Switching from System, Active Directory or LDAP Authentication Methods

The following example will switch your BindPlane OP auth type between System, Active Directory or LDAP Authentication and migrate them over.

For an overview of what the options are for LDAP/Active Directory and their descriptions, see the table provided in our documentation.

Use the following command run from the BindPlane OP server itself, usually through SSH. If your configuration file is not in a default location, change /etc/bindplane/config.yaml to the applicable path:

bash
1sudo bindplane init auth -c /etc/bindplane/config.yaml

If you are switching from System Authentication, this will ask you for Active Directory or LDAP specific information that were outlined in the link above. If you run into any problems or questions with what it is asking for, simply abort the process and open a support ticket to ensure you have the right information.

note

Once you have set up the new authentication scheme, the first user you log in as will be an Organizational Admin. All Projects will be owned by that user.

note

If you are migrating BACK to System Authentication, for instance if you originally used system auth and migrated to Active Directory and now you are moving back to system auth again, be sure to enter your original username and password to retain the projects and org status. If you backed up the original config from the Backup Existing Environment step you can simply get it from there.