Register for the iXsystems Community to get an ad-free experience and exclusive discounts in our eBay Store.

JumpCloud and FreeNAS LDAP integration - no groups

Joined
Jan 3, 2018
Messages
2
I am integrating JumpCloud's LDAP service with FreeNAS 11.1. The support people at JumpCloud have been very helpful and gave me directions to establish the link between the two.

I am seeing the users from JumpCloud show up in the permissions dialog box when I edit permissions on a dataset. However, I am not seeing the groups.

I am not sure how to proceed with debugging this. Is there a way to query the local cache to see which users have made it to the FreeNAS user/group cache? Is there a log file I can monitor to see if FreeNAS is requesting both user and group information?

Thanks - Randy
 

Nick2253

FreeNAS Expert
Joined
Apr 21, 2014
Messages
1,422
Joined
Jan 10, 2019
Messages
1
Hi,
Has anybody figured out how to fix this issue?

Just hit the same problem on FreeNAS-11.2-RELEASE-U1
(Build Date: Dec 20, 2018 22:41)

Thanks.
 

tiberiusQ

Newbie
Joined
Jul 10, 2017
Messages
45
Hi,

it seem to be necessary to create also linux groups in jumpcloud to get them in freenas...
 

Patrick M. Hausen

FreeNAS Guru
Joined
Nov 25, 2013
Messages
724
Do FreeNAS and JumpCloud agree on the schema used to designate group membership? There are two general approaches - either have a member attribute inside each group object for all members, or have a memberOf attribute in each user object for all groups the user is a member of.

Just as a general line of thought. I don't know anything about JumpCloud, but I have done numerous successful AD integrations for FreeBSD and Linux environments. Second I always bring an LDAP browser like Apache Directory Studio when faced with such a task, to actually browse the LDAP structure I'm dealing with.

HTH,
Patrick
 

anodos

Sambassador
iXsystems
Joined
Mar 6, 2014
Messages
5,875
Our LDAP service works with jumpcloud without issues. IIRC they use RFC2307 schema with the SMB ldap schema extensions. You just have to configure the users and groups correctly for them to be usable over SMB.
 
Top