# LDAP

## LDAP Overview <a href="#ldap-overview" id="ldap-overview"></a>

* Lightweight Directory Access Protocol (LDAP) is a client/server protocol used to access and manage directory information. This allows user to read/edit directories over IP networks and runs directly over TCP/IP using simple string formats for data transfer.
* In Spinnaker, a standard ‘bind’ approach is used for LDAP authentication.

## Configure LDAP using Halyard <a href="#configure-ldap-using-halyard" id="configure-ldap-using-halyard"></a>

* Execute the below command to enable LDAP on Spinnaker.

  ```
      hal config security authn ldap enable
  ```
* Execute the below command to edit and add the all the LDAP related parameters Spinnaker settings

  ```
      hal config security authn ldap edit --user-dn-pattern="uid={0},uid=users" --
      url=ldaps://ldap.my-organization.com:10636/dc=my-organization,dc=com
  ```

## Next Steps <a href="#next-steps" id="next-steps"></a>

* Now that LDAP authentication is configured on Spinnaker, proceed further with the authorization.