To integrate JumpCloud's LDAP-as-a-Service with Morro CloudNAS you will need to configure Samba Authentication Support on your JumpCloud LDAP Instance and enable Samba Authentication on a Group of Users following the steps listed in Enabling Samba Support on JumpCloud LDAP.
- Create an LDAP Bind DN to assign as Samba Service Account
- Enable Samba Authentication on your JumpCloud LDAP Instance and assign Samba Service Account
- Create a Group of Users, enable Samba Authentication and add at least one User to the Group
- Create User Group as a Linux Group with a unique name and GID number
Configuration steps were qualified using Morro Data 4.2 via the Morro Cloud Manager web-based management interface. Please review the current Morro Data User's Guide for additional information on setting up and accessing the Morro Cloud Manager and managing the Morro Data CloudNAS solution.
Configure JumpCloud LDAP-as-a-Service for Morro CloudNAS Integration1) From the JumpCloud Administrative Portal, navigate to USERS panel and create a new JumpCloud User to enable as an LDAP Bind DN for assigning a Samba Service Account. Expand User Security Settings and Permissions to provide a password, Enable as LDAP Bind DN, and to set that this Service Accounts password never expires.
2) From the JumpCloud Administrative Portal, navigate to the DIRECTORIES tab and select JumpCloud LDAP to confirm that Samba Authentication is enabled, which will require an LDAP Bind DN be available to designate as the Samba Service Account.
3) Select the ‘USER GROUPS’ tab to the right of the JumpCloud LDAP ‘DETAILS’ tab. Confirm or enable a User Group for Samba Authentication and select ‘save’.
Tip: User Groups will populate in LDAP only if at least one User has been added to the Group
4) In order for User Groups to be populated within Morro CloudNAS, they must be created as a Linux Group and assigned a unique GID number. JumpCloud Users created or imported into JumpCloud are assigned a unique UID number automatically. Samba Authentication can be enabled during Group creation or from the JumpCloud LDAP User Groups panel as noted in the previous screenshot.
5) Gather the following information from your JumpCloud LDAP Instance to configure within the Morro Cloud Manager AUTHENTICATION tab to complete the LDAP integration.
- LDAP Server Address: ldap.jumpcloud.com
- Base DN: o=< ORG ID >,dc=jumpcloud,dc=com
- LDAP Bind DN: uid=sambasrvacct,ou=users,o=< ORG ID >,dc=jumpcloud,dc=com
- LDAP Bind DN Password: Enter password for Samba Service Account
Using the Morro Cloud Manager to configure JumpCloud LDAP Integration
1) After enabling Samba Authentication Support on your JumpCloud LDAP Instance, log into the Morro Cloud Manager and navigate to the Team panel. Click on the AUTHENTICATION tab and change the authentication mode by using the pulldown menu to select LDAP.
2) On the Morro Cloud Manager AUTHENTICATION screen, expand the “Did You Know...” pulldown to confirm the required information to integrate JumpCloud LDAP. Using the information noted above, confirm that your JumpCloud LDAP Instance is configured to enable Samba Authentication Support that will allow JumpCloud Users and Groups to access file shares presented by your Morro CloudNAS.
3) Populate the values gathered in JumpCloud configuration Step 5 and click ‘SWITCH TO THIS MODE’ to complete the integration.
Tip: Check ‘Verify Server Certificate’ to increase the security of your JumpCloud LDAP and Morro CloudNAS integration.
4) Finally, confirm the modification to User and Group Authentication and Authorization using JumpCloud LDAP by clicking SWITCH MODE.
5) Any updates to JumpCloud LDAP Users and Groups requires synchronization with the Morro Data CloudNAS by navigating back to the Morro Cloud Manager => Team page => AUTHENTICATION tab and clicking the ‘SYNC USER/GROUP FROM SERVER’ button.
6) If any changes are made to the JumpCloud LDAP Samba Service Account including password updates, it will be necessary to click the ‘RE-JOIN’ button to update Morro Cloud Manager with the new account details or password change to ensure access to the Morro CloudNAS.
7) To confirm successful population of JumpCloud LDAP Users and Groups, select the User or Group tab.