jumpserver 3.1.1 faq

2023-04-06

jumpserver 堡垒机安装,使用,绑定ldap,忘记密码

1、下载
ver=v2.26.1
ver=v3.1.1
#wget -c https://github.com/jumpserver/installer/releases/download/${ver}/jumpserver-installer-${ver}.tar.gz
wget -c https://resource.fit2cloud.com/jumpserver/installer/releases/download/${ver}/jumpserver-installer-${ver}.tar.gz
-rw-r--r-- 1 root root 46318 Sep 26 2022 jumpserver-installer-v2.26.1.tar.gz
-rw-r--r-- 1 root root 47371 Mar 27 18:33 jumpserver-installer-v3.1.1.tar.gz
2、安装或升级
tar zxf jumpserver-installer-v3.1.1.tar.gz
cd jumpserver-installer-v3.1.1
-rw-rw-r-- 1 root root 2124 Mar 27 18:02 cn-quick_start.sh
drwxrwxr-x 2 root root 4096 Apr 4 11:10 compose
-rw-rw-r-- 1 root root 4220 Mar 27 18:02 config-example.txt
drwxrwxr-x 8 root root 101 Mar 27 18:02 config_init
-rwxrwxr-x 1 root root 7048 Mar 27 18:02 jmsctl.sh
-rw-rw-r-- 1 root root 35148 Mar 27 18:02 LICENSE
drwxrwxr-x 4 root root 29 Mar 27 18:02 locale
-rw-rw-r-- 1 root root 1995 Mar 27 18:02 quick_start.sh
-rw-rw-r-- 1 root root 1874 Mar 27 18:02 README.md
drwxrwxr-x 2 root root 279 Mar 27 18:02 scripts
-rw-rw-r-- 1 root root 22 Apr 4 23:00 static.env
drwxrwxr-x 2 root root 41 Mar 27 18:02 utils
sh quick_start.sh
3、备份数据库
./jmsctl.sh
Management Commands:
start Start JumpServer
stop Stop JumpServer
close Close JumpServer
restart Restart JumpServer
status Check JumpServer
down Offline JumpServer
uninstall Uninstall JumpServer
backup_db Backup database
restore_db [file] Data recovery through database backup file
4、访问
Web access
http://10.10.10.199:80
Default username: admin
Default password: admin

SSH/SFTP access
ssh -p2222 admin@10.10.10.199

5、/opt/jumpserver/config/config.txt包含mysql和redis密码
6、忘记用户密码:

[root@jmupserver ~]# docker exec -it jms_core /bin/bash #进入容器内部
root@94b823ed3113:/opt/jumpserver# cd /opt/jumpserver/apps/
root@94b823ed3113:/opt/jumpserver/apps# python manage.py shell
Python 3.8.13 (default, Mar 17 2022, 06:22:23)
Type 'copyright', 'credits' or 'license' for more information
IPython 8.1.1 -- An enhanced Interactive Python. Type '?' for help.

In [1]: from users.models import User

In [2]: u = User.objects.get(username='test') #test 是您要修改的用户名

In [3]: u.reset_password('password') #password 是您要重置的密码

In [4]: u.save()

In [5]: exit
root@94b823ed3113:/opt/jumpserver/apps#

7、解锁后台重置

[root@jmupserver ~]# docker exec -it jms_core /bin/bash
root@94b823ed3113:/opt/jumpserver# cd /opt/jumpserver/apps/
root@94b823ed3113:/opt/jumpserver/apps# python manage.py shell
Python 3.8.13 (default, Mar 17 2022, 06:22:23)
Type 'copyright', 'credits' or 'license' for more information
IPython 8.1.1 -- An enhanced Interactive Python. Type '?' for help.
In [1]: from django.core.cache import cache

In [2]: cache.delete_pattern('_LOGIN_BLOCK_*')
Out[2]: 1

In [3]: cache.delete_pattern('_LOGIN_LIMIT_*')
Out[3]: 2

In [4]: exit

8、访问mysql
#进入容器内部
docker exec -it jms_mysql /bin/bash
env查看密码
export MYSQL_PWD=$MYSQL_ROOT_PASSWORD
mysql -uroot -Dmysql

9、访问redis
docker exec -it jms_redis /bin/bash
env查看密码
export REDISCLI_AUTH=$REDIS_PASSWORD
redis-cli

10、绑定openldap
右上角,系统设置,认证设置,LDAP
地址 ldap://10.10.10.199:389
DN cn=admin,dc=ly,dc=cn
用户ou=users,dc=ly,dc=cn
用户过滤 (uid=%(user)s)
属性映射{
"username": "uid",
"name": "sn",
"email": "mail"
}

测试成功后,先提交,导入用户
11、增加资产服务器IP
12、创建账户模板
13、资产树,资产授权,授权账户

分类:Linux | 标签: |

相关日志

评论被关闭!