
How to Use LDAP Authentication with RabbitMQ

To use LDAP with RabbitMQ, enable the rabbitmq_auth_backend_ldap plugin and configure the rabbitmq.conf file with your LDAP server details. This setup allows RabbitMQ to authenticate users against your LDAP directory for secure access control.

Syntax

The main configuration for LDAP in RabbitMQ is done in the rabbitmq.conf file. You specify the LDAP server URL, user search base, and authentication method. The rabbitmq_auth_backend_ldap plugin must be enabled to use LDAP authentication.

Key configuration parts include:

  • auth_backends: List of authentication backends, including LDAP.
  • auth_ldap.servers: LDAP server addresses.
  • auth_ldap.user_dn_pattern or auth_ldap.dn_lookup_base (used with auth_ldap.dn_lookup_attribute): How to find users in LDAP.
  • auth_ldap.use_ssl: Whether to use SSL for the LDAP connection.

```ini
auth_backends.1 = ldap

auth_ldap.servers.1 = ldap.example.com
auth_ldap.user_dn_pattern = cn=${username},ou=users,dc=example,dc=com
auth_ldap.use_ssl = false

# Optional: group lookup for permissions
auth_ldap.group_lookup_base = ou=groups,dc=example,dc=com

# Enable the LDAP backend plugin
# Run: rabbitmq-plugins enable rabbitmq_auth_backend_ldap
```


Example

This example shows how to configure RabbitMQ to authenticate users against an LDAP server at ldap.example.com. It uses a simple user DN pattern and disables SSL for the LDAP connection, so bind credentials travel to the LDAP server unencrypted.

```ini
## rabbitmq.conf

auth_backends.1 = ldap

auth_ldap.servers.1 = ldap.example.com
auth_ldap.user_dn_pattern = cn=${username},ou=users,dc=example,dc=com
auth_ldap.use_ssl = false
```

```bash
# Enable LDAP plugin
rabbitmq-plugins enable rabbitmq_auth_backend_ldap

# Restart RabbitMQ service after configuration changes
sudo systemctl restart rabbitmq-server
```

Output

```
Plugin "rabbitmq_auth_backend_ldap" enabled. Restarting rabbitmq-server.service...
```


Common Pitfalls

  • Not enabling the LDAP plugin: You must run rabbitmq-plugins enable rabbitmq_auth_backend_ldap before LDAP works.
  • Incorrect user DN pattern or search base: If the LDAP path to users is wrong, authentication will fail.
  • LDAP server unreachable: RabbitMQ must be able to connect to the LDAP server on the network.
  • SSL misconfiguration: If your LDAP server requires SSL, set auth_ldap.use_ssl = true and configure certificates properly.

```ini
## Wrong user DN pattern example
auth_ldap.user_dn_pattern = cn=${username},ou=wrong,dc=example,dc=com

## Correct user DN pattern example
auth_ldap.user_dn_pattern = cn=${username},ou=users,dc=example,dc=com
```

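
An added example, not part of the original page or of RabbitMQ itself: a small pre-deployment check that parses a rabbitmq.conf and flags the pitfalls listed above. It assumes the LDAP plugin's auth_ldap.* key names; parse_conf, lint_ldap and the sample config are hypothetical names and data constructed for illustration.

```python
import re

# Constructed sample input: a rabbitmq.conf like the page's example.
SAMPLE_CONF = """\
auth_backends.1 = ldap
auth_ldap.servers.1 = ldap.example.com
auth_ldap.user_dn_pattern = cn=${username},ou=users,dc=example,dc=com
auth_ldap.use_ssl = false
"""

def parse_conf(text):
    """Parse 'key = value' lines, skipping blank lines and # comments."""
    settings = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        # Split on the first '=' only: DN values contain '=' themselves.
        key, sep, value = line.partition("=")
        if sep:
            settings[key.strip()] = value.strip()
    return settings

def lint_ldap(text):
    """Return findings for the LDAP pitfalls this page lists (hypothetical helper)."""
    s = parse_conf(text)
    findings = []
    backends = [v for k, v in s.items() if k.startswith("auth_backends.")]
    if not any(v in ("ldap", "rabbit_auth_backend_ldap") for v in backends):
        findings.append("ldap is not listed in auth_backends")
    if not any(re.fullmatch(r"auth_ldap\.servers\.\d+", k) for k in s):
        findings.append("no auth_ldap.servers entry")
    pattern = s.get("auth_ldap.user_dn_pattern")
    if pattern is not None and "${username}" not in pattern:
        findings.append("user_dn_pattern lacks the ${username} placeholder")
    encrypted = "true" in (s.get("auth_ldap.use_ssl"), s.get("auth_ldap.use_starttls"))
    if not encrypted:
        findings.append("LDAP connection is unencrypted")
    elif s.get("auth_ldap.ssl_options.verify") != "verify_peer":
        findings.append("TLS is on but ssl_options.verify is not verify_peer")
    return findings

if __name__ == "__main__":
    for finding in lint_ldap(SAMPLE_CONF):
        print("WARN:", finding)
```

Run against the sample, it reports only the unencrypted connection; a missing plugin or an unreachable server cannot be seen from the file and still has to be checked on the node.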

Quick Reference

| Configuration Key | Description | Example Value |
|---|---|---|
| auth_backends.1 | Authentication backend to use | ldap |
| auth_ldap.servers.1 | LDAP server address | ldap.example.com |
| auth_ldap.user_dn_pattern | Pattern to locate user DN | cn=${username},ou=users,dc=example,dc=com |
| auth_ldap.use_ssl | Enable SSL for LDAP connection | false |
| auth_ldap.group_lookup_base | Base DN for group lookup | ou=groups,dc=example,dc=com |

Key Takeaways

  • Enable the rabbitmq_auth_backend_ldap plugin to use LDAP authentication.
  • Configure the user DN pattern or search base correctly to match your LDAP structure.
  • Ensure RabbitMQ can reach the LDAP server and that its SSL settings match your LDAP setup.
  • Restart RabbitMQ after changing the LDAP configuration for changes to take effect.