we want to disable the ldap configuration in our ICP (CE). We did the following: https://www.ibm.com/support/knowledgecenter/en/SSBS6K_2.1.0.3/troubleshoot/ldap_superadmin.html But if we restart the master, the ldap-configuration comes back. It is not possible to remove the ldap config forever? Thx
You can remove the ldap-configuration by manually using the HTTP API. Here is the specific command:
curl -k -X POST --header "Authorization: Bearer $ACCESS_TOKEN" 'https://<cluster_lb_address>:8443/idmgmt/identity/api/v1/directory/ldap/offboardDirectory'
The response should be {"count":1} if the operation was successful. Also, returning to the "Manage > Authentication" page through the web UI should now display the "No LDAP connection found" page, indicating it was successfully removed.
You will need to know the cluster IP address, and retrieve the cluster administrator access token using the instructions on this page: https://www.ibm.com/support/knowledgecenter/en/SSBS6K_2.1.0.3/apis/access_api.html