LDAP query for Map user

Hi @renjith_tr

Unfortunately with the current release, users can only be mapped to DNs using a template. We’ll need to add query as well based on use cases like this for lookups based on attributes within the DN.
This isn’t a limitation of Helm, but of the LDAP settings which are allowed within the CouchbaseCluster spec.

On the upside, I suspect that what you really want to use here is ldap.groupsQuery because the usernames appear to be attributes of a constant DN (which is effectively a group).

Something like this might work…

ldap:
  groupsQuery: OU=Administrative Accounts,OU=ADGroup,DC=CMP,DC=example,DC=com??one?(sAMAccountName=%u)

Then create a CouchbaseGroup resource with ldapGroupRef set to OU=Administrative Accounts,OU=ADGroup,DC=CMP,DC=example,DC=com

As a result, anytime a user within your ldapGroupRef tries to authenticate, Couchbase will allow it as long as the user is within the referenced group.

Also with this approach you won’t have to create CouchbaseUser resources for each user that you are trying to authenticate.

See:
https://docs.couchbase.com/operator/2.0/reference-couchbasecluster.html#spec-security-ldap-authorizationenabled

and
https://docs.couchbase.com/server/6.5/manage/manage-security/configure-ldap.html#group-authorization-enablement
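
An added example (not part of the original reply, and not Couchbase or Operator code): a small Python helper that splits the groupsQuery string suggested above into the search base, scope and filter it describes, so the resulting search can be reviewed before the setting is applied. It assumes the value follows the RFC 4516 LDAP URL layout (base?attributes?scope?filter) and that %u stands for the login name; the function names and sample usernames are constructed for illustration.

```python
# Added example: preview the LDAP search a groupsQuery value describes.
# Assumption: the value follows the RFC 4516 layout base?attributes?scope?filter.
from typing import List, NamedTuple

# Query string copied from the reply above.
QUERY = ("OU=Administrative Accounts,OU=ADGroup,DC=CMP,DC=example,DC=com"
         "??one?(sAMAccountName=%u)")

class GroupsSearch(NamedTuple):
    base: str
    attributes: List[str]
    scope: str
    filter: str

def escape_filter_value(value: str) -> str:
    """Escape RFC 4515 special characters so the value matches literally."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def expand_groups_query(query: str, username: str) -> GroupsSearch:
    # maxsplit=3 keeps any '?' inside the filter intact.
    parts = query.split("?", 3)
    parts += [""] * (4 - len(parts))
    base, attrs, scope, flt = parts
    if not base:
        raise ValueError("groupsQuery has no search base")
    scope = scope or "base"            # RFC 4516 default
    if scope not in ("base", "one", "sub"):
        raise ValueError("unknown scope: %r" % scope)
    flt = flt or "(objectClass=*)"     # RFC 4516 default
    if flt.count("(") != flt.count(")"):
        raise ValueError("unbalanced parentheses in filter")
    # Assumption for this preview: %u is replaced by the escaped login name.
    flt = flt.replace("%u", escape_filter_value(username))
    return GroupsSearch(base, [a for a in attrs.split(",") if a], scope, flt)

if __name__ == "__main__":
    for user in ("jdoe", "j*doe"):     # constructed sample usernames
        print(expand_groups_query(QUERY, user))
```

The empty second field means no specific attributes are requested, and the one scope limits the search to entries directly beneath the base DN.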