1.2k questions

1.4k answers

361 comments

339 users

Categories

Sidebar
0 votes
144 views
by ben-s-7515 (13.0k points)
We would like to connect our QIE instance to JumpCloud instead of Windows for the LDAP authentication. How do we configure QIE to make this happen?

1 Answer

0 votes

JumpCloud uses some custom tags and approaches for LDAP authentication. This means that the standard filters and tags that work with a Microsoft Domain controller won't work with JumpCloud.

To configure the LDAP the roles inside of QIE will need to be set up and configured first. Also, a user in JumpCloud will need to be configured that has query rights for the LDAP service.

Once these steps are completed, then you will configure the QIE services with the following options:

From the System Config page, scroll down to the LDAP section.

LDAP Endpoint: ldaps://ldap.jumpcloud.com:636

Base Domain: ou=Users,o=[org_id],dc=jumpcloud,dc=com

UserId Template: uid={userId},ou=Users,o=[ord_id],dc=jumpcloud,dc=com

Query Username: [Set to the username/password of a user with query privileges]

Filter: (&(uid={userId})(objectClass=inetOrgPerson))

For the domain mapping, you will add a row for each group that needs to be mapped.

LDAP Group: cn=QIE,ou=Users,o=[org_id],dc=jumpcloud,dc=com

QIE Role: 'Admin'

Once the configuration is complete, you can save the changes, then click on the 'Test LDAP' button at the top of the section to test a user in the JumpCloud environment. It should come back with a Success or Failure message.

by ben-s-7515 (13.0k points)
...