How to Use LDAP Sign-In with Shinobi

This article will show you how to setup logging into Shinobi with your LDAP server.

By : Moe Alam

Date Added : Wed Apr 07 2021 23:59:36 GMT+0000 (Coordinated Universal Time)
Last Updated : Thu Apr 08 2021 04:03:43 GMT+0000 (Coordinated Universal Time)

Enabling LDAP Sign-In

1. Navigate to the Shinobi folder. 

cd /home/Shinobi

2. Add the following to conf.json through either the Superuser Panel or Terminal. 

"allowLdapSignOn":true,

Terminal Users :

Use nano to open the conf.json file and add the new lines after Line 2. 

nano conf.json

3. Now restart Shinobi after making the changes.

Configure LDAP in your Shinobi Account

  1. Login to Shinobi as you normally would and open your Settings
  2. Link your LDAP account in the Alternate Logins section. You will need the following to do so :
    • URL of the LDAP Server, for example : ldap://127.0.0.1:389
    • Username
    • Password
    • bindDN or sometimes known as DN
    • Search Base
    • Search Filter
  3. Now that you have it saved scroll to the very top of the Settings window and Copy your Group Key to the clipboard.

Shinobi Systems never receives this information. Your LDAP Sign-In management will be handled by your LDAP Server of choice.

Login with LDAP into Shinobi

Now that you have your LDAP account linked to your Shinobi account you can proceed to Logout to test it.

  1. Once at the Login screen you can toggle the last selector to LDAP.
  2. Input your Username and Password
  3. Paste your Group Key in the Group Key field.
  4. Press Login, you should now be in the account you just linked to.

Enjoy!