LDAP integration (Active Directory)
1) Log in to the admin console -> Administration -> Server -> Security Settings
Security should be ON
Move all the Realms from Available Realms to Selected Realms and make sure OSS LDAP Authentication Realm is at the top of the list
Selected Realms
OSS LDAP Authentication Realm
Xml Authenticating Realm
Xml Authorizing Realm
Save the changes
2) Navigate to Security -> LDAP configuration
Protocol: ldap
Hostname: LDAP server name or IP address
Port: 3268 or 389
Search Base: DC=mydomain,DC=com
Authentication Method: Simple Authentication
Username: Specify the full DN of the LDAP bind ID
e.g. CN=myldapbindid,OU=My Service Accounts,OU=something,DC=mydomain,DC=com
Password: ldap-bind-id-password
Check Authentication to validate the connection
User Element Mapping.
Base DN: OU=something1, OU=something2
User Subtree: unchecked
Object Class: user
User ID Attribute: sAMAccountName
Real Name Attribute: displayname
E-Mail Attribute: mail
In my case, the users authenticating are under the OU=something1, OU=something2,DC=mydomain,DC=com LDAP group, i.e., CN=ldapuser+Base DN+Search Base.
Group Element Mapping: Unchecked
Save the settings and check user mapping. If the values are correct, a subset of LDAP records will be displayed at the bottom of the same screen.
3) Assigning Users
Navigate to Security -> Users -> Choose LDAP from the dropdown -> Type ldapuserid in the search field.
The user should be successfully retrieved from your LDAP directory.
Role management -> Add -> Nexus Administrator
Choose your desired role.
4) Log in with your LDAP account and validate.
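
As an added example (not part of the original post and not Nexus code), this Python code derives the directory search that the User Element Mapping in step 2 describes and prints the matching OpenLDAP ldapsearch command for checking it outside the UI. The host name and user ID are constructed placeholders, and treating "User Subtree: unchecked" as a one-level search scope is an assumption about how Nexus applies that setting.

```python
import re
import shlex

# Values from the walkthrough above; host and user ID below are constructed placeholders.
SEARCH_BASE = "DC=mydomain,DC=com"
USER_BASE_DN = "OU=something1, OU=something2"
BIND_DN = "CN=myldapbindid,OU=My Service Accounts,OU=something,DC=mydomain,DC=com"
ATTRS = ["sAMAccountName", "displayname", "mail"]


def normalise_dn(dn):
    """Trim whitespace around unescaped commas and drop empty components."""
    parts = re.split(r"(?<!\\),", dn)
    return ",".join(p.strip() for p in parts if p.strip())


def effective_user_base(base_dn, search_base):
    """The user Base DN is relative: users are searched at Base DN + Search Base."""
    return normalise_dn(base_dn + "," + search_base)


def escape_filter_value(value):
    """RFC 4515 escaping so a user ID cannot change the filter structure."""
    out = value.replace("\\", r"\5c")  # backslash first, so later escapes survive
    for ch, esc in (("*", r"\2a"), ("(", r"\28"), (")", r"\29"), ("\x00", r"\00")):
        out = out.replace(ch, esc)
    return out


def user_filter(user_id, object_class="user", id_attr="sAMAccountName"):
    """Filter built from Object Class and User ID Attribute (assumed equivalent)."""
    return "(&(objectClass=%s)(%s=%s))" % (
        object_class, id_attr, escape_filter_value(user_id))


def ldapsearch_argv(host, port, user_id, subtree=False):
    """argv for OpenLDAP ldapsearch; -x is simple bind, -W prompts for the password."""
    scope = "sub" if subtree else "one"  # assumption: unchecked means one level
    return ["ldapsearch", "-x", "-H", "ldap://%s:%d" % (host, port),
            "-D", BIND_DN, "-W",
            "-b", effective_user_base(USER_BASE_DN, SEARCH_BASE),
            "-s", scope, user_filter(user_id)] + ATTRS


if __name__ == "__main__":
    print(shlex.join(ldapsearch_argv("ldap.example.invalid", 389, "ldapuserid")))
```

If the printed command returns no entry for a user who exists deeper in the tree, the one-level scope is the first thing to check against the User Subtree setting.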