Official website address: JumpServer - Open Source Bastion Host - Official Website
Online phone: 400-052-0755
Technical support: JumpServer technical consultation
overview
This article mainly introduces how to connect Windows AD domain service in JumpServer. Pull users, user groups, etc. from the Windows AD domain.
docking
The configuration location of JumpServer connected to Windows AD domain is located at: "System Settings" → "Authentication Settings" → "LDAP".
The above is an example of successful LDAP connection:
detailed configuration
LDAP server
The LDAP address is the address of the AD domain control server, generally ldap://domain control IP:389, the default port of the AD domain control service is 389, and the default port after configuration encryption is 636.
Bind DN is to fill in the DN information of a domain controller administrator whose password does not change frequently, and needs to be searched on the AD domain server.
Find the AD domain controller administrator in User, and enter the administrator information into JumpServer. The password is the password of the domain controller administrator.
The configuration is successful as follows:
LDAP users
User OU refers to the location of the user we need to import. For example, if I want to import the Users group, fill in the user OU as follows:
User filters and user attributes generally do not need to be changed. If you need to change the attribute mapping, you can change the corresponding attributes according to actual needs.
other
Enable LDAP authentication.
Test and Import
1. Click "Test Connection" to match users. If the user is matched, the LDAP configuration is correct. Click "Submit" to save the configuration
2. Click "User Import" to match the users in the corresponding AD domain; if you do not see the user, click the "Refresh" button.
3. To import users, select the users to be imported and click "Import".
4. Imported successfully.
