openldap

package module
v0.17.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 7, 2025 License: MPL-2.0 Imports: 29 Imported by: 3

README

Vault Plugin: OpenLDAP Secrets Backend

This is a standalone backend plugin for use with Hashicorp Vault. This plugin provides OpenLDAP functionality to Vault.

Please note: We take Vault's security and our users' trust very seriously. If you believe you have found a security issue in Vault, please responsibly disclose by contacting us at security@hashicorp.com.

Getting Started

This is a Vault plugin and is meant to work with Vault. This guide assumes you have already installed Vault and have a basic understanding of how Vault works.

Otherwise, first read this guide on how to get started with Vault.

To learn specifically about how plugins work, see documentation on Vault plugins.

Usage

Please see documentation for the plugin on the Vault website.

This plugin is currently built into Vault and by default is accessed at openldap. To enable this in a running Vault server:

$ vault secrets enable openldap
Success! Enabled the openldap secrets engine at: openldap/

Updating the Changelog

All pull requests that introduce a user-facing change must include a changelog entry. We use the changie tool to manage these entries and automate the release process.

1. Installing Changie

You only need to do this once. If you don't have changie installed, choose one of the options below.

  • Homebrew (macOS): 
    brew install changie
  • Go Install: 
    go install github.com/miniscruff/changie@latest
  • Other Methods: See the official changie installation guide for other options, including pre-compiled binaries.
2. Creating an Entry

Once your code changes are complete, create the changelog entry:

  1. Run the command in your terminal:

    changie new

  2. Follow the prompts. An interactive prompt will ask you to select the kind of change (e.g., BREAKING CHANGES, NOTES, FEATURES) and write a concise description of what you changed.

  3. Commit the new file. After you're done, changie will create a new YAML file in the .changie/unreleased directory. Commit this file along with your other code changes before submitting your pull request.

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Backend 

func Backend(client ldapClient) *backend

func Factory 

func Factory(ctx context.Context, conf *logical.BackendConfig) (logical.Backend, error)

Types

type CheckOut added in v0.9.0 

type CheckOut struct {
	IsAvailable         bool   `json:"is_available"`
	BorrowerEntityID    string `json:"borrower_entity_id"`
	BorrowerClientToken string `json:"borrower_client_token"`
}

CheckOut provides information for a service account that is currently checked out.

type Client 

type Client struct {
	// contains filtered or unexported fields
}

func NewClient 

func NewClient(logger hclog.Logger) *Client

func (*Client) Execute added in v0.4.0 

func (c *Client) Execute(conf *client.Config, entries []*ldif.Entry, continueOnError bool) (err error)

func (*Client) UpdateDNPassword added in v0.9.0 

func (c *Client) UpdateDNPassword(conf *client.Config, dn string, newPassword string) error

UpdateDNPassword updates the password for the object with the given DN.

func (*Client) UpdateUserPassword added in v0.9.0 

func (c *Client) UpdateUserPassword(conf *client.Config, username string, newPassword string) error

UpdateUserPassword updates the password for the object with the given username.

Source Files

View all Source files

Directories

Path Synopsis
tools command
cmd
vault-plugin-secrets-openldap command

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.