How do I configure Ezeelogin to authenticate using OpenLDAP (PAM-LDAP) on CentOS?

Integration of OpenLDAP (PAM-LDAP) on CentOS

Make sure that the PHP-LDAP extension is installed on the server.

root@jumpserver:~# yum install php-ldap openldap openldap-clients ;apachectl restart

1. Log in to the Web GUI and open Settings > LDAP.

Add the details of the LDAP configuration.

2. Under Settings > General > Authentication, change Webpanel authentication to LDAP and check PAM Authentication.

3. Select the LDAP users and import them into Ezeelogin.

You can confirm that the imported LDAP users are listed under Users.

Now you can log in to the Ezeelogin GUI as an LDAP user.

 
Let's configure PAM-LDAP authentication for SSH

Log in to the Ezeelogin SSH server to configure PAM-LDAP.

1. Install the PAM-LDAP module with the following command

# yum install nss-pam-ldapd nscd

2. Run the following command to auto-configure

# authconfig-tui

Select "Use LDAP" and "Use LDAP Authentication".
 
 
 
 
3. Add the bind DN and bind password to /etc/nslcd.conf

vi /etc/nslcd.conf

binddn cn=admin,dc=eztest,dc=net

bindpw chaSD@#234JH56hj^7
 
4. Enable automatic creation of the home directory on login with the following command

authconfig --enablemkhomedir --update

 
5. Restart the nslcd and nscd services

service nslcd restart && service nscd restart  

Ensure that the login shell of the LDAP user is /usr/local/bin/ezsh.

     
Now run the id and finger commands and check whether you are able to get the LDAP user details.
 

[root@jumpserver ~]# finger jake
Login: jake          Name: jake t
Directory: /home/jake     Shell: /usr/local/bin/ezsh
Last login Wed Jun 13 05:02 (EDT) on pts/1 from 10.1.1.13
No mail.
No Plan.

[root@jumpserver ~]# id jake
uid=1001(jake) gid=20001(domain users) groups=1547600513(domain users)

 
Run an ldapsearch to ensure that results are correctly fetched from the LDAP server.

ldapsearch -v -x -H ldap://10.11.1.164 -b "cn=jake j,cn=Users,dc=ad2016,dc=admod,dc=net" -D "cn=administrator,dc=ad2016,dc=admod,dc=net" -w redhat
ldap_initialize( ldap://10.11.1.103:389/??base )
filter: (objectclass=*)
requesting: All userApplication attributes
# extended LDIF
#
# LDAPv3
# base <cn=jake j,dc=ad2016,dc=admod,dc=net> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#

# jake j, ad2016.admod.net
dn: cn=jake j,dc=ad2016,dc=admod,dc=net
cn: jake j
givenName: jake
gidNumber: 500
sn: j
objectClass: inetOrgPerson
objectClass: posixAccount
objectClass: top
userPassword:: e01ENX15VHpOZUxJSFpTZzBZaGF6c3ZjQjVnPT0=
uidNumber: 1001
uid: jake
homeDirectory: /home/jake
loginShell: /usr/local/bin/ezsh

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
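
The following shell script is an added example, not part of the original article or of Ezeelogin. It audits the /etc/nslcd.conf written in step 3: the file holding bindpw should be readable by root only, and the connection to the LDAP server should be encrypted. The function names, the host ldap.example.net and the placeholder password are assumptions; uri, ssl and tls_reqcert are standard nslcd.conf options.

```shell
#!/bin/sh
# Added example: audit an nslcd.conf such as the one edited in step 3.
# Prints one line per finding; the return status is the number of findings.

# Print the value of option $2 in file $1 (nslcd keywords are case-insensitive).
nslcd_opt() {
    awk -v k="$2" 'tolower($1) == k { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

audit_nslcd() {
    conf=$1
    n=0
    # bindpw is stored in clear text, so group and others must have no access.
    perm=$(ls -ld "$conf" | cut -c5-10)
    if [ "$perm" != "------" ]; then
        echo "$conf: group/other permissions '$perm', run chmod 600"; n=$((n + 1))
    fi
    # Step 3 expects binddn and bindpw to be present together.
    if [ -n "$(nslcd_opt "$conf" binddn)" ] && [ -z "$(nslcd_opt "$conf" bindpw)" ]; then
        echo "$conf: binddn is set but bindpw is missing"; n=$((n + 1))
    fi
    # Plain ldap:// without StartTLS sends bind and user passwords unencrypted.
    uri=$(nslcd_opt "$conf" uri)
    case $uri in
        ldaps://*|ldapi://*) ;;
        *) case $(nslcd_opt "$conf" ssl) in
               on|start_tls) ;;
               *) echo "$conf: uri '$uri' is not encrypted (no ssl start_tls)"; n=$((n + 1)) ;;
           esac ;;
    esac
    # tls_reqcert never/allow accepts a server certificate that fails validation.
    case $(nslcd_opt "$conf" tls_reqcert) in
        never|allow) echo "$conf: tls_reqcert does not enforce certificate checks"; n=$((n + 1)) ;;
    esac
    return "$n"
}

# Constructed sample mirroring step 3 (example host, placeholder password).
sample=$(mktemp)
printf '%s\n' 'uri ldap://ldap.example.net/' 'base dc=eztest,dc=net' \
    'binddn cn=admin,dc=eztest,dc=net' 'bindpw CHANGE_ME' > "$sample"
chmod 644 "$sample"
audit_nslcd "$sample" || echo "findings: $?"   # findings: 2
rm -f "$sample"
```

On the jump server, run audit_nslcd /etc/nslcd.conf as root after step 3; a return status of 0 means none of the four checks fired.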
