Configuring ezeelogin for authentication with OpenLDAP or Windows AD server

Overview: This article outlines how to configure Ezeelogin for authentication with OpenLDAP or Windows AD servers. It covers the use of the AutoCreate feature for system user creation, steps for integrating OpenLDAP and Windows AD, and importing LDAP users into Ezeelogin for secure authentication, without modifying existing directory attributes.

With the AutoCreate feature, the backend ssh authentication would not be using PAM-LDAP, instead, it would create a system user in the shell and would then be using system authentication for the backend authentication.

The advantage of using the AutoCreate feature is that you would not have to configure LDAP in ssh or modify your existing Active Directory attributes or OpenLDAP attributes.

Do read more about the drawbacks, since the ssh authentication would not be via LDAP, here

Make sure that the PHP-LDAP extension is installed on the server

For ubuntu 14.X, 16.x, 18.x, 20.x, 22.x. Replace the PHP version in the below command

root@jumpserver:~# apt-get install phpx.x-ldap

eg: root@jumpserver:~# apt-get install php8.2-ldap

root@jumpserver:~# systemctl restart apache2

For Centos 6 , 7, 8

root@jumpserver:~# yum install php-ldap ; apachectl restart

Integration of OpenLdap in ezeelogin jumpserver (Import openldap user to Ezeelogin jumpserver)

Step 1. Login to Web-GUI -> open settings -> LDAP

How to find base DN and bind RDN from Windows server

Add the details of LDAP configurations. Refer the below screenshot

Step 2. Open Settings -> General Settings -> Authentication -> Change webpanel authentication to LDAP

Step 3. Open Settings -> General settings -> Security -> Check Auto Create User

Step 4. Select the LDAP users and import them to Ezeelogin.

You can confirm the imported LDAP users were listed in the Users tab.

After importing the users to Ezeelogin, log in with the user and set up security code for the user under Account > Password > New Security Code.

Integration of Windows AD in Ezeelogin(Import Windows AD user to jump server)

How to find base DN and bind RDN

Step 1. Login to Web-GUI -> open settings -> LDAP

Add the details of LDAP configurations & Check the WINDOWS ACTIVE DIRECTORY

Step 2. Open Settings > General > Authentication > change webpanel authentication to LDAP

Step 3. Open Settings -> General -> Security -> Check Auto Create User

Step 4. Select the LDAP users and import them to Ezeelogin

When importing an LDAP user, they will be assigned to the default group or the mapped user group. After the import, if we change the LDAP user to another user group, we will receive a note saying "Group Mismatch." This is not an error.

You can confirm the imported LDAP users were listed in the Users

After importing the users to Ezeelogin, log in with the user and set up a security code for the user under Account > Password > New Security Code.

Configure Ezeelogin to authenticate using Windows_AD(Pam-Ldap) in ubuntu

How do I configure Ezeelogin to authenticate using Windows_AD(Pam-LDAP) in CentOS

How do I configure Ezeelogin to authenticate using OpenLdap(Pam-Ldap) in CentOS

How to configure Ezeelogin to authenticate using Open_Ldap(Pam-Ldap) in Ubuntu

Assigning user group for LDAP users?

Can we map existing user group in ldap to ezeelogin as ezeelogin user group ?

Add AD as LDAP with non-administrator user