Hi @renjith_tr
Unfortunately with the current release, users can only be mapped to DN’s using template. We’ll need to add query as well based on use cases like this for lookups based on attributes within the DN.
This isn’t a limitation of helm, but of the ldap settings which are allowed within the CouchbaseCluster spec.
On the upside, I suspect that what you really want to use here is ldap.groupsQuery
because the usernames appear to be attributes of a constant DN (which is effectively a group).
Something like this might work…
ldap:
groupsQuery: OU=Administrative Accounts,OU=ADGroup,DC=CMP,DC=example,DC=com??one?(sAMAccountName=%u)
Then create a CouchbaseGroup
resource with ldapGroupRef
set to OU=Administrative Accounts,OU=ADGroup,DC=CMP,DC=example,DC=com
As a result, anytime a user within your ldapGroupRef tries to authenticate, couchbase will allow it as long as user is within referenced group.
Also with this approach you won’t have to create CouchbaseUser resources for each user that you are trying to authenticate.