How do i configure Ezeelogin to authenticate using OpenLdap(Pam-Ldap) in centos ?

Integration of Open-LDAP (PAM-LDAP) in centos

Make sure that PHP-LDAP extension is installed on the server 

root@jumpserver:~# yum intall php-ldap ;apachectl restart

1.  Login to Web-GUI > open settings > Ldap 

Add the details in LDAP setting page.Check the following video to fill and configure Pam-LDAP

  

 Add the details of LDAP configurations

 

2  Under Settings > general > Authentication > change Webpanel authentication to ldap & Check PAM Authentication

 
 
3. Select the LDAP users and import to ezeelogin
 
 
 

you can confirm the imported LDAP users were listed in Users 

 

Now you can login to ezeelogin with ldap user in ezeelogin GUI

 
Let's configure PAM_LDAP Authentication for SSH  
 
Login to ezeelogin ssh server to configure pam-LDAP
 
 
Install pam-LDAP module by the following command

 #yum install nss-pam-ldapd nscd  

 
  Enter the command to auto-configure  

#authconfig-tui  

   
 Select use ldap & use LDAP authentication 
 
 
 
  Enter the details in LDAP setting you can use the above video to fetch details  
 
  Add Binddn & bind password to /etc/nslcd.conf  
 

vi /etc/nslcd.conf

binddn cn=admin,dc=eztest,dc=net

bindpw chaSD@#234JH56hj^7

 

  And add bindn and bind password to the file
 
 Enable autocreate home directory on login by the following command  

authconfig --enablemkhomedir --update

 
Restart nslcd & nscd service

service nslcd restart && service nscd restart  

Ensure the login shell of ldap user is /usr/local/bin/ezsh  

     
Now run the id / finger command and see whether you are able get LDAP user details 
 

[root@jumpserver ~]# finger jake

Login: jake          Name: jake t

Directory: /home/jake     Shell: /usr/local/bin/ezsh

Last login Wed Jun 13 05:02 (EDT) on pts/1 from 10.1.1.13

No mail.

No Plan.

[root@jumpserver ~]# id jake

uid=1001(jake) gid=20001(domain users) groups=1547600513(domain users)

 
Run an ldapsearch to ensure that  results are correctly fetched from the ldap server.

ldapsearch -v -x -H ldap://10.11.1.164 -b "cn=jake j,cn=Users,dc=ad2016,dc=admod,dc=net" -D "cn=administrator,dc=ad2016,dc=admod,dc=net" -w redhat
ldap_initialize( ldap://10.11.1.103:389/??base )
filter: (objectclass=*)
requesting: All userApplication attributes
# extended LDIF
#
# LDAPv3
# base <cn=jake j,dc=ad2016,dc=admod,dc=net> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# jake j, ad2016.admod.net
dn: cn=jake j,dc=ad2016,dc=admod,dc=net
cn: jake j
givenName: jake
gidNumber: 500
sn: j
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
userPassword:: e01ENX15VHpOZUxJSFpTZzBZaGF6c3ZjQjVnPT0=
uidNumber: 1001
uid: jake
homeDirectory: /home/jake
loginShell: /usr/local/bin/ezsh

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1

Quotation content

 
 
0 (0)
Article Rating (No Votes)
Rate this article
    Attached Files
    There are no attachments for this article.
    Related Articles RSS Feed
    Can i install ezeelogin Jump server solution in a lan?
    Viewed 3131 times since Sat, Jul 8, 2017
    Setting session time out for the webinterface
    Viewed 2928 times since Wed, Jun 14, 2017
    How can i reset the default global key ?
    Viewed 916 times since Fri, Jun 8, 2018
    Configure Ezeelogin to authenticate using Windows_AD(Pam-Ldap) in ubuntu?
    Viewed 2727 times since Wed, Feb 7, 2018
    How do i configure Ezeelogin to authenticate using OpenLdap or Window AD server?
    Viewed 2621 times since Wed, Jan 24, 2018
    configure jump server to use SSL for MySQL
    Viewed 2663 times since Mon, Apr 30, 2018
    How to bypass the group menu in the backend shell and go directly to the entire server listing?
    Viewed 2065 times since Tue, Mar 27, 2018
    What setting to be changed in jump server configuration file if mysql is listening on a different port?
    Viewed 1935 times since Wed, Jun 14, 2017
    Set SSH User Expiry
    Viewed 1427 times since Thu, Sep 20, 2018
    Custom private key / public key pair in ssh gateway Solution
    Viewed 2665 times since Thu, Jun 15, 2017