add a prerequisite in LDAP doc

Signed-off-by: Felixnoo <felixliu@kubesphere.io>
2025-12-26 00:12:48 +00:00 · 2021-11-22 10:11:23 +08:00 · 2021-11-22 10:11:23 +08:00 · cfed2b6029
parent 67fc73ae91
commit cfed2b6029
4 changed files with 38 additions and 12 deletions
--- a/content/en/docs/access-control-and-account-management/external-authentication/set-up-external-authentication.md
+++ b/content/en/docs/access-control-and-account-management/external-authentication/set-up-external-authentication.md
@ -9,7 +9,7 @@ weight: 12210

 This document describes how to use an external identity provider such as an LDAP service or Active Directory service on KubeSphere.

-KubeSphere provides a built-in OAuth server. Users can obtain OAuth access tokens to authenticate themselves to the KubeSphere API. As a KubeSphere administrator, you can edit the `kubesphere-config` ConfigMap to configure OAuth and specify identity providers.
+KubeSphere provides a built-in OAuth server. Users can obtain OAuth access tokens to authenticate themselves to the KubeSphere API. As a KubeSphere administrator, you can edit  `ks-installer` of the CRD `ClusterConfiguration` to configure OAuth and specify identity providers.

 ## Prerequisites

@ -99,14 +99,14 @@ You can configure multiple identity providers (IdPs) in the 'identityProviders'

 Kubesphere provides the following types of identity providers by default:

-* [LDAPIdentityProvider](../use-an-ldap-service)
+* [LDAP Identity Provider](../use-an-ldap-service)

-* [OIDCIdentityProvider](../oidc-identity-provider)
+* [OIDC Identity Provider](../oidc-identity-provider)

-* [GitHubIdentityProvider]()
+* [GitHub Identity Provider]()

-* [CASIdentityProvider]()
+* [CAS Identity Provider]()

-* [AliyunIDaaSProvider]()
+* [Aliyun IDaaS Provider]()

 You can also expand the kubesphere [OAuth2 authentication plug-in](../use-an-oauth2-identity-provider) to integrate with your account system.
--- a/content/en/docs/access-control-and-account-management/external-authentication/use-an-ldap-service.md
+++ b/content/en/docs/access-control-and-account-management/external-authentication/use-an-ldap-service.md
@ -12,8 +12,21 @@ This document describes how to use an LDAP service as an external identity provi
 ## Prerequisites

 * You need to deploy a Kubernetes cluster and install KubeSphere in the cluster. For details, see [Installing on Linux](/docs/installing-on-linux/) and [Installing on Kubernetes](/docs/installing-on-kubernetes/).
+
 * You need to obtain the manager distinguished name (DN) and manager password of an LDAP service.

+* If you are using KubeSphere 3.2.0, run the following command before configuring LDAP:
+
+  ```bash
+  kubectl -n kubesphere-system set image deployment/ks-apiserver *=kubespheredev/ks-apiserver:release-3.2
+  ```
+
+  {{< notice note >}}
+
+  This is not required in the next release.
+
+  {{</ notice >}}
+
 ## Procedure

 1. Log in to KubeSphere as `admin`, move the cursor to <img src="/images/docs/access-control-and-account-management/external-authentication/set-up-external-authentication/toolbox.png" width="20px" height="20px"> in the lower-right corner, click **kubectl**, and run the following command to edit `ks-installer` of the CRD `ClusterConfiguration`:
--- a/content/zh/docs/access-control-and-account-management/external-authentication/set-up-external-authentication.md
+++ b/content/zh/docs/access-control-and-account-management/external-authentication/set-up-external-authentication.md
@ -9,7 +9,7 @@ weight: 12210

 本文档描述了如何在 KubeSphere 上使用外部身份提供者，例如 LDAP 服务或 Active Directory 服务。

-KubeSphere 提供了一个内置的 OAuth 服务。用户通过获取 OAuth 访问令牌以对 API 进行身份验证。作为 KubeSphere 管理员，您可以编辑 `kubesphere-config` 来配置 OAuth 并指定身份提供者。
+KubeSphere 提供了一个内置的 OAuth 服务。用户通过获取 OAuth 访问令牌以对 API 进行身份验证。作为 KubeSphere 管理员，您可以编辑 CRD `ClusterConfiguration` 中的 `ks-installer` 来配置 OAuth 并指定身份提供者。

 ## 准备工作

@ -99,14 +99,14 @@ KubeSphere 提供了一个内置的 OAuth 服务。用户通过获取 OAuth 访

 KubeSphere 默认提供了以下几种类型的身份提供者：

-* [LDAPIdentityProvider](../use-an-ldap-service)
+* [LDAP Identity Provider](../use-an-ldap-service)

-* [OIDCIdentityProvider](../oidc-identity-provider)
+* [OIDC Identity Provider](../oidc-identity-provider)

-* [GitHubIdentityProvider]()
+* [GitHub Identity Provider]()

-* [CASIdentityProvider]()
+* [CAS Identity Provider]()

-* [AliyunIDaaSProvider]()
+* [Aliyun IDaaS Provider]()

 您也可以拓展 KubeSphere [OAuth2 认证插件](../use-an-oauth2-identity-provider) 与您的帐户系统进行集成。
--- a/content/zh/docs/access-control-and-account-management/external-authentication/use-an-ldap-service.md
+++ b/content/zh/docs/access-control-and-account-management/external-authentication/use-an-ldap-service.md
@ -12,8 +12,21 @@ weight: 12220
 ## 准备工作

 * 您需要部署一个 Kubernetes 集群，并在集群中安装 KubeSphere。有关详细信息，请参阅[在 Linux 上安装](../../../installing-on-linux/)和[在 Kubernetes 上安装](../../../installing-on-kubernetes/)。
+
 * 您需要获取 LDAP 服务的管理员专有名称（DN）和管理员密码。

+* 如果您使用 KubeSphere 3.2.0，请在配置 LDAP 之前执行以下命令：
+
+  ```bash
+  kubectl -n kubesphere-system set image deployment/ks-apiserver *=kubespheredev/ks-apiserver:release-3.2
+  ```
+
+  {{< notice note >}}
+
+  下个版本无需执行此步。
+
+  {{</ notice >}}
+
 ## 步骤

 1. 以 `admin` 身份登录 KubeSphere，将光标移动到右下角 <img src="/images/docs/access-control-and-account-management/external-authentication/set-up-external-authentication/toolbox.png" width="20px" height="20px"> ，点击 **kubectl**，然后执行以下命令来编辑 CRD `ClusterConfiguration` 中的 `ks-installer`：