Integrate OneLogin VLDAP with jumpserver
Overview: This article describes how to integrate VLDAP with Jumpserver, focusing on configuring LDAP settings in OneLogin and Jumpserver to enable web application authentication.
To set up authentication using VLDAP, follow the detailed steps below to complete the integration process smoothly.
Step 1: Log in to OneLogin, enable VLDAP under the Authentication field, and copy the virtual distinguished name.
Step 2: Add the LDAP client IP address to allow access.
Step 3: Create a user in OneLogin.
Provide the user details and click Save User.
Step 4: Paste the copied Distinguished Name (from OneLogin under Authentication -> VLDAP) into the Ezeelogin GUI under Settings -> LDAP -> Bind RDN, and replace the email portion with the Bind user's email address. Also add the LDAP configuration details and save.
Step 4(A): Go to Settings -> General -> Security -> enable Auto Create User and save.
Step 4(B): Open Settings -> General -> Authentication -> change web panel authentication to LDAP.
Step 5: Navigate to Users -> LDAP and select the LDAP users and import them to Ezeelogin.
Step 6: The imported LDAP users can be confirmed as listed in the Users tab.
Step 7: Re-login to the Ezeelogin GUI with LDAP authentication.
Step 8: Also, try logging in to the Ezeelogin shell using WebSSH (refer to the screenshot below) or any SSH client such as PuTTY or a terminal.
How to map VLDAP OneLogin users to the same user group in Ezeelogin?
Step 1: Log in to the OneLogin GUI, navigate to the Users tab, then go to Groups -> New Group.
Next, assign a user (here, the username is Abin) to the group created earlier: navigate to the Users tab, select a user, click the Authentication field, and select the group from the dropdown. Refer to the screenshot below.
Step 2: Create the same group on the gateway server with a priority and save it.
Step 3: In the Ezeelogin GUI, go to Settings -> LDAP, add the group attribute name (here, memberOf) and save.
Step 4: Go to Settings -> General -> then change Web Panel Authentication to LDAP Authentication.
Step 5: Re-login to the Ezeelogin GUI using LDAP authentication and ensure that the OneLogin user is mapped to the same group in Ezeelogin as in OneLogin (e.g., the OneLogin user abin is mapped to the Develop group created in OneLogin).
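A check that can be run before Step 4 of the group mapping: it parses `ldapsearch -LLL` output for one user and lists the group names carried in the group attribute, so a mismatch with the group created on the gateway shows up before Web Panel Authentication is switched to LDAP. This is an added example, not Ezeelogin or OneLogin code; the sample entry, its DNs, and the assumption that the group name is the first RDN of each memberOf value are constructed for illustration.

```python
import base64
import re

# Constructed sample of `ldapsearch -LLL` output; DNs and domain are placeholders.
# The second memberOf is base64 (non-ASCII name), the first is folded across lines.
_B64 = base64.b64encode(
    "cn=Développeurs,ou=groups,dc=example,dc=onelogin,dc=com".encode("utf-8")
).decode("ascii")
SAMPLE_LDIF = (
    "dn: cn=abin@example.com,ou=users,dc=example,dc=onelogin,dc=com\n"
    "mail: abin@example.com\n"
    "memberOf: cn=Develop,ou=groups,dc=example,dc=onelogin,\n"
    " dc=com\n"
    f"memberOf:: {_B64}\n"
)

def attr_values(ldif, attr):
    """Return every value of `attr`, unfolding wrapped lines and decoding base64."""
    unfolded = re.sub(r"\r?\n ", "", ldif)  # LDIF continuation = newline + one space
    values = []
    for line in unfolded.splitlines():
        m = re.match(r"([^:]+)(::?)\s*(.*)", line)
        if not m or m.group(1).lower() != attr.lower():
            continue
        raw = m.group(3)
        if m.group(2) == "::":  # '::' marks a base64-encoded value
            raw = base64.b64decode(raw).decode("utf-8")
        values.append(raw)
    return values

def group_names(ldif, group_attr="memberOf"):
    """Assumption: the group name is the first RDN value; plain names pass through."""
    names = []
    for value in attr_values(ldif, group_attr):
        first_rdn = re.split(r"(?<!\\),", value, maxsplit=1)[0]
        names.append(first_rdn.split("=", 1)[-1].strip())
    return names

def missing_groups(ldif, expected, group_attr="memberOf"):
    """Gateway group names the entry does not carry (exact match, so case counts)."""
    present = set(group_names(ldif, group_attr))
    return [g for g in expected if g not in present]

if __name__ == "__main__":
    import sys
    text = SAMPLE_LDIF if sys.stdin.isatty() else sys.stdin.read()
    print("groups in directory:", group_names(text))
    print("missing on directory side:", missing_groups(text, ["Develop"]))
```

Pipe the real `ldapsearch -LLL` output for the user into the script to check it against the group names created on the gateway server.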