diff --git a/docs/harbor-doc-reorg/_index.md b/docs/harbor-doc-reorg/_index.md index 1b6eecce9..5eb598e34 100644 --- a/docs/harbor-doc-reorg/_index.md +++ b/docs/harbor-doc-reorg/_index.md @@ -17,6 +17,7 @@ This section describes how to install Harbor and perform the required initial co - [Troubleshooting Harbor Installation](install_config/troubleshoot_installation.md) - [Reconfigure Harbor and Manage the Harbor Lifecycle](install_config/reconfigure_manage_lifecycle.md) - [Customize the Harbor Token Service](install_config/customize_token_service.md) +- [Configure Harbor User Settings at the Command Line](install_config/configure_user_settings_cli.md) ## Harbor Administration @@ -24,13 +25,11 @@ This section describes how to use and maintain Harbor after deployment. These da - [Introduction](administration/_index.md) - [Configuring Authentication](administration/configure_authentication/configure_authentication.md) - - [Database Authentication](administration/configure_authentication/db_auth.md) - - [LDAP/Active Directory Authentication](administration/configure_authentication/ldap_auth.md) - - [OIDC Provider Authentication](administration/configure_authentication/oidc_auth.md) -- [Manage Users](administration/managing_users/managing_users.md) - - [Harbor Role Based Access Control (RBAC)](administration/managing_users/rbac.md) + - [Configure Database Authentication](administration/configure_authentication/db_auth.md) + - [Configure LDAP/Active Directory Authentication](administration/configure_authentication/ldap_auth.md) + - [Configure OIDC Provider Authentication](administration/configure_authentication/oidc_auth.md) +- [Role Based Access Control](administration/managing_users/rbac.md) - [User Permissions By Role](administration/managing_users/user_permissions_by_role.md) - - [Configure Harbor User Settings at the Command Line](administration/managing_users/configure_user_settings_cli.md) - [Administrator Options](administration/general_settings.md) - [Configure Project Settings](administration/configure_project_settings.md) - [Set Project Quotas](administration/set_project_quotas.md) diff --git a/docs/harbor-doc-reorg/administration/_index.md b/docs/harbor-doc-reorg/administration/_index.md index f5600ff54..8d1a16bc8 100644 --- a/docs/harbor-doc-reorg/administration/_index.md +++ b/docs/harbor-doc-reorg/administration/_index.md @@ -2,10 +2,4 @@ This section describes how to configure and maintain Harbor after deployment. These day 2 operations are performed by the Harbor Administrator. -- [Managing Users](managing_users/_index.md) -- [Configure Project Settings](configure_project_settings/_index.md) -- [Configuring Replication](configuring_replication/_index.md) -- [Vulnerability Scanning with Clair](vulnerability_scanning/_index.md) -- [Garbage Collection](garbage_collection/_index.md) -- [Upgrading Harbor](upgrade/_index.md) -- [Manage the Harbor Instance](manage_harbor/_index.md) \ No newline at end of file +RECREATE LINKS AND INDEX HERE \ No newline at end of file diff --git a/docs/harbor-doc-reorg/administration/configure_authentication/configure_authentication.md b/docs/harbor-doc-reorg/administration/configure_authentication/configure_authentication.md index e1392bcdb..49dfa3b5c 100644 --- a/docs/harbor-doc-reorg/administration/configure_authentication/configure_authentication.md +++ b/docs/harbor-doc-reorg/administration/configure_authentication/configure_authentication.md @@ -1,12 +1,14 @@ # Configuring Authentication -Harbor supports different modes for authenticating users and managing user accounts. +Harbor supports different modes for authenticating users and managing user accounts. You should select an authentication mode as soon as you deploy Harbor. -- [Database Authentication](db_auth.md) -- [LDAP/Active Directory Authentication](ldap_auth.md) -- [OIDC Provider Authentication](oidc_auth.md) +**IMPORTANT**: If you create user accounts in the Harbor database, Harbor is locked in database mode. You cannot change to a different authentication mode after you have created local users. -**NOTE**: The Harbor interface offers an option to configure UAA authentication. This authentication mode is not recommended and is not documented in this guide. +- [Database Authentication](db_auth.md): You create and manage user accounts directly in Harbor. The user accounts are stored in the Harbor database. +- [LDAP/Active Directory Authentication](ldap_auth.md): You connect Harbor to an external LDAP/Active Directory server. The user accounts are created and managed by your LDAP/AD provider. +- [OIDC Provider Authentication](oidc_auth.md): You connect Harbor to an external OIDC provider. The user accounts are created and managed by your ODIC provider. + +The Harbor interface offers an option to configure UAA authentication. This authentication mode is not recommended and is not documented in this guide. ---------- diff --git a/docs/harbor-doc-reorg/administration/configure_authentication/db_auth.md b/docs/harbor-doc-reorg/administration/configure_authentication/db_auth.md index 714d89fca..337c6c206 100644 --- a/docs/harbor-doc-reorg/administration/configure_authentication/db_auth.md +++ b/docs/harbor-doc-reorg/administration/configure_authentication/db_auth.md @@ -2,7 +2,7 @@ ---------- -# Database Authentication +# Configure Database Authentication In database authentication mode, user accounts are stored in the local database. By default, only the Harbor system administrator can create user accounts to add users to Harbor. You can optionally configure Harbor to allow self-registration. diff --git a/docs/harbor-doc-reorg/administration/configure_authentication/ldap_auth.md b/docs/harbor-doc-reorg/administration/configure_authentication/ldap_auth.md index 6d5b7ec5e..ff1fe8f75 100644 --- a/docs/harbor-doc-reorg/administration/configure_authentication/ldap_auth.md +++ b/docs/harbor-doc-reorg/administration/configure_authentication/ldap_auth.md @@ -2,7 +2,7 @@ ---------- -# LDAP/Active Directory Authentication +# Configure LDAP/Active Directory Authentication If you select LDAP/AD authentication, users whose credentials are stored in an external LDAP or AD server can log in to Harbor directly. In this case, you do not create user accounts in Harbor. diff --git a/docs/harbor-doc-reorg/administration/configure_authentication/oidc_auth.md b/docs/harbor-doc-reorg/administration/configure_authentication/oidc_auth.md index 6b9169f91..8afe80869 100644 --- a/docs/harbor-doc-reorg/administration/configure_authentication/oidc_auth.md +++ b/docs/harbor-doc-reorg/administration/configure_authentication/oidc_auth.md @@ -2,7 +2,7 @@ ---------- -# OIDC Provider Authentication +# Configure OIDC Provider Authentication If you select OpenID Connect (OIDC) authentication, users log in to the Harbor interface via an OIDC single sign-on (SSO) provider, such as Okta, KeyCloak, or dex. In this case, you do not create user accounts in Harbor. diff --git a/docs/harbor-doc-reorg/administration/managing_users/managing_users.md b/docs/harbor-doc-reorg/administration/managing_users/managing_users.md deleted file mode 100644 index 4bf3ee706..000000000 --- a/docs/harbor-doc-reorg/administration/managing_users/managing_users.md +++ /dev/null @@ -1,5 +0,0 @@ -# Managing Users - -- [Harbor Role Based Access Control (RBAC)](configure_rbac.md) -- [User Permissions By Role](user_permissions_by_role.md) -- [Configure Harbor User Settings at the Command Line](configure_user_settings_cli.md) diff --git a/docs/harbor-doc-reorg/administration/managing_users/rbac.md b/docs/harbor-doc-reorg/administration/managing_users/rbac.md index d80fcfe47..3491f3c44 100644 --- a/docs/harbor-doc-reorg/administration/managing_users/rbac.md +++ b/docs/harbor-doc-reorg/administration/managing_users/rbac.md @@ -17,6 +17,8 @@ Besides the above roles, there are two system-level roles: For full details of the permissions of the different roles, see [User Permissions By Role](user_permissions_by_role.md). +[Configure Harbor User Settings at the Command Line](configure_user_settings_cli.md) + ## Create User Accounts In database authentication mode, the Harbor system administrator creates user accounts manually. diff --git a/docs/harbor-doc-reorg/install_config/_index.md b/docs/harbor-doc-reorg/install_config/_index.md index e23552640..54f63fd4e 100644 --- a/docs/harbor-doc-reorg/install_config/_index.md +++ b/docs/harbor-doc-reorg/install_config/_index.md @@ -33,6 +33,8 @@ For information about how manage your deployed Harbor instance, see [Reconfigure By default, Harbor uses its own private key and certificate to authenticate with Docker. For information about how to optionally customize your configuration to use your own key and certificate, see [Customize the Harbor Token Service](customize_token_service.md). +After installation, you perform configuration operations in the Harbor interface. However, Harbor also provides a command line interface (CLI) that allows yoy to [Configure Harbor User Settings at the Command Line](configure_user_settings_cli.md). + ## Harbor Components The table below lists the components that are deployed when you deploy Harbor. diff --git a/docs/harbor-doc-reorg/administration/managing_users/configure_user_settings_cli.md b/docs/harbor-doc-reorg/install_config/configure_user_settings_cli.md similarity index 100% rename from docs/harbor-doc-reorg/administration/managing_users/configure_user_settings_cli.md rename to docs/harbor-doc-reorg/install_config/configure_user_settings_cli.md