ldaprundeck

Was anyone able to connect JumpCloud to Rundeck via LDAP?


I've been trying to connect JumpCloud (JC) to Rundeck via LDAP for two days without any luck. The username and password for the bind user are 100% correct.

Error:

ERROR jaas.JettyCachingLdapLoginModule - Naming error
javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]

Has anyone been able to configure this successfully?

My jaas-ldap.conf file looks like this:

    // Configuration from the question: this is the entry that fails with
    // "LDAP: error code 49 - Invalid Credentials" on the bind.
    com.dtolabs.rundeck.jetty.jaas.JettyCachingLdapLoginModule sufficient
      // Debug logging is useful while troubleshooting the bind; switch it off afterwards.
      debug="true"
      contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
      // ldaps:// keeps the bind and user passwords inside TLS.
      providerUrl="ldaps://ldap.jumpcloud.com"
      // NOTE(review): the option is spelled bindDN here but bindDn in the working
      // configuration further down the page. Option names are presumably matched
      // case-sensitively, so this DN may never be read and the bind would then be
      // attempted without it - confirm against the Rundeck LDAP documentation.
      bindDN="uid=<username>,ou=Users,o=<xxxxxx>,dc=jumpcloud,dc=com"
      // Stored in cleartext; keep this file readable only by the Rundeck service account.
      bindPassword="<password>"
      authenticationMethod="simple"
      // With "false" the module checks the password by reading userPasswordAttribute
      // through the bind account instead of binding as the user who is logging in.
      // NOTE(review): the working configuration sets this to "true"; whether the
      // directory exposes userPassword to the bind account is not shown here - confirm.
      forceBindingLogin="false"
      userBaseDn="ou=Users,o=<xxxxxx>,dc=jumpcloud,dc=com"
      userRdnAttribute="uid"
      userIdAttribute="uid"
      userPasswordAttribute="userPassword"
      userObjectClass="posixAccount"
      roleBaseDn="ou=Users,o=<xxxxxxx>,dc=jumpcloud,dc=com"
      roleNameAttribute="cn"
      roleUsernameMemberAttribute="memberUid"
      roleMemberAttribute="memberUid"
      roleObjectClass="posixGroup"
      // 300000 ms = 5 minutes.
      cacheDurationMillis="300000"
      reportStatistics="true"
      // Every user authenticated by this module is additionally given the "user" role.
      supplementalRoles="user"
      timeoutConnect="20000"
      nestedGroups="true";

Solution

  • rundeck {
    // JAAS entry with two login modules. "sufficient" means a successful LDAP login
    // ends authentication immediately; a failed one falls through to the next module.
    com.dtolabs.rundeck.jetty.jaas.JettyCombinedLdapLoginModule sufficient
        // Debug logging is useful while troubleshooting the bind; switch it off afterwards.
        debug="true"
        contextFactory="com.sun.jndi.ldap.LdapCtxFactory"
        // NOTE(review): ldap:// on port 389 is unencrypted unless StartTLS is negotiated,
        // and nothing in this entry enables TLS. With authenticationMethod="simple" the
        // bind password and every user's login password would then cross the network in
        // cleartext. The question used ldaps://; prefer that scheme (default port 636)
        // once the bind works.
        providerUrl="ldap://ldap.jumpcloud.com:389"
        // Spelled bindDn here; the failing configuration in the question used bindDN.
        bindDn="uid=xxxxxxxxx,ou=Users,o=xxxxxxxxxxxx,dc=jumpcloud,dc=com"
        // Stored in cleartext; keep this file readable only by the Rundeck service account.
        bindPassword="xxxxxxxxxxxxxxxxx"
        authenticationMethod="simple"
        // "true" authenticates by binding to the directory as the user who is logging in,
        // rather than reading userPasswordAttribute through the bind account.
        forceBindingLogin="true"
        // NOTE(review): presumably makes role lookups run over the bindDn connection
        // instead of the logged-in user's - confirm against the Rundeck documentation.
        forceBindingLoginUseRootContextForRoles="true"
        userBaseDn="ou=Users,o=xxxxxxxxxxxx,dc=jumpcloud,dc=com"
        userRdnAttribute="cn"
        userIdAttribute="uid"
        userPasswordAttribute="userPassword"
        userObjectClass="person"
        roleBaseDn="ou=Users,o=XXXXXXXXXXX,dc=jumpcloud,dc=com"
        roleNameAttribute="cn"
        roleMemberAttribute="uniqueMember"
        roleObjectClass="(&(objectClass=groupOfNames)(cn=*))"
        rolePrefix=""
        // 600000 ms = 10 minutes. NOTE(review): while results are cached, a disabled
        // account or a removed group membership may keep working until the cache
        // expires - confirm what is cached and size this to your offboarding needs.
        cacheDurationMillis="600000"
        reportStatistics="true"
    
    ;
    
    // Local file realm, consulted when the LDAP module does not authenticate the user.
    // Accounts in realm.properties remain valid logins alongside LDAP, so replace or
    // remove any default entries a stock Rundeck install ships in that file.
    org.eclipse.jetty.jaas.spi.PropertyFileLoginModule required
        debug="true"
        file="/home/rundeck/server/config/realm.properties";
    

    };

    Works for me :D