Rancher must be configured with a LDAP bind account (aka service account) to search and retrieve LDAP entries pertaining to users and groups that should have access. It is recommended to not use an administrator account or personal account for this purpose and instead create a dedicated account in OpenLDAP with read-only access to users and groups under the configured search base (see below).

1. Log into the Rancher UI using the initial local account.
2. From the Global view, navigate to Security > Authentication

Once you have completed the configuration, proceed by testing the connection to the OpenLDAP server. Authentication with OpenLDAP will be enabled implicitly if the test is successful.

1. Enter the username and password for the OpenLDAP account that should be mapped to the local principal account.
2. Click Authenticate With OpenLDAP to test the OpenLDAP connection and finalise the setup.

Result:

• The LDAP user pertaining to the entered credentials is mapped to the local principal (administrative) account.