I want to connect my AWX instance via LDAPs to our MS AD, but where/and how to install the CA root-trusted certificate?
Furthermore, I want to grant a login only from users of a certain group (memberOf), where I do not know how to deposit this attribute
If you're running your AWX instance in docker.
Install the certificates on your machine where you're running docker on. During the installation provide the path to root certs (inventory file in installer dir):
ca_trust_dir=/etc/pki/ca-trust/source/anchors
If you have AWX already installed and don't want to re-deploy - install certificates to awx_web and awx_task containers.
Copy cert and go to the container, e.g.
docker cp cert.crt awx_task:/etc/pki/ca-trust/source/anchors/your_org.crt
docker exec -it awx_task /bin/bash
Finally install the cert:
update-ca-trust enable
update-ca-trust extract
Repeat for the second container (awx_web)