LDAP sync

[ofira]

Hi,
I'm hoping someone could help.
I have ProxMox VE 7.0-8 setup for sync with LDAP cloud directory (JumpCloud).
The sync is successful and I can see groups syncing but not users.
I've uploaded the Idp's certificate and setup the path explicitly.
I triple checked everything against the Idp' docs and ProxMox's docs.
Can some please help with this?
Thank you.

 

[dcsapak]

can you post the sync settings from /etc/pve/domains.cfg ?

 

[ofira]

can you post the sync settings from /etc/pve/domains.cfg ?

Hi,
Sure, thanks for the help.


pam: pam
comment Linux PAM standard authentication

pve: pve
comment Proxmox VE authentication server

ldap: JumpCloud
base_dn ou=Users,o=ORG_ID******************,dc=jumpcloud,dc=com
server1 ldap.jumpcloud.com
user_attr ldapbn
bind_dn uid=ldapbn,ou=Users,o=ORG_ID********************,dc=jumpcloud,dc=com
capath /etc/ssl/certs/jumpcloud.chain.pem
default 1
port 636
secure 1
sync-defaults-options full=1,purge=1,scope=users
verify 1

 

[dazza76]

FYI
ldap: jumpcloud
base_dn ou=Users,o=**************,dc=jumpcloud,dc=com
server1 ldap.jumpcloud.com
user_attr uid
bind_dn uid=ldap_sync,ou=Users,o=**************,dc=jumpcloud,dc=com
capath /etc/ssl/certs/jumpcloud.ldap.pem
default 1
group_classes groupOfNames
group_name_attr uid
port 636
secure 1
sync-defaults-options remove-vanished=acl;entry;properties,scope=both
sync_attributes email=email
user_classes inetOrgPerson



also if you need the cert
echo -n | openssl s_client -connect ldap.jumpcloud.com:636 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > /usr/local/share/ca-certificates/jumpcloud.ldap.crt
update-ca-certificates