Configuration for Sonatype Nexus Repository Manager 3

In Nexus, log in as an administrator and go to Server Administration and configuration (gear icon)

Select LDAP under the Security section

Click Create connection

  • Name: A name for the connection e.g. lldap
  • Type: ldap
  • Host: Your lldap server's ip/hostname
  • Port: Your lldap server's port (3890 by default)
  • Base DN: dc=example,dc=com
  • Authentication Method: Simple Authentication
  • Username or DN: uid=admin,ou=people,dc=example,dc=com, or preferably a read-only user created in lldap with the lldap_strict_readonly group
  • Password: The password for the user specified above

Click Verify connection; if successful, click Next

  • Select a template: Generic ldap server
  • User Relative DN: ou=people
  • User subtree: Leave unchecked
  • Object class: person
  • User Filter: Leave empty to allow all users to log in, or use (memberOf=uid=nexus_users,ou=groups,dc=example,dc=com) to restrict login to a specific group
  • Username Attribute: uid
  • Real Name Attribute: cn
  • Email Attribute: mail
  • Password Attribute: Leave blank
  • Check Enable User Synchronization

Test user login credentials with Verify login

Set up group mapping as roles

Check Map LDAP groups as roles

  • Group Type: Static Groups
  • Group relative DN: ou=groups
  • Group subtree: Leave unchecked
  • Group object class: groupOfUniqueNames
  • Group ID attribute: cn
  • Group member attribute: member
  • Group member format: uid=${username},ou=people,dc=example,dc=com

Check user mapping with Verify user mapping
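
If Verify user mapping shows a user without the expected roles, the usual cause is a Group member format that does not reproduce the DN stored in the group's member attribute. The following is an added example, not part of the lldap or Nexus code: a simplified model of the static-group lookup implied by the settings above. The directory entries, the usernames alice and bob, and all function names are constructed for illustration.

```python
# Added example: simplified model of static-group role mapping.
# All directory entries below are constructed sample data.
MEMBER_FORMAT = "uid=${username},ou=people,dc=example,dc=com"  # value from the page

GROUPS = [  # constructed entries as they would sit under ou=groups
    {"cn": "nexus_admin", "objectClass": "groupOfUniqueNames",
     "member": ["uid=alice,ou=people,dc=example,dc=com"]},
    {"cn": "nexus_users", "objectClass": "groupOfUniqueNames",
     "member": ["uid=alice,ou=people,dc=example,dc=com",
                "UID=bob, OU=people, DC=example, DC=com"]},
]

def escape_filter_value(value):
    """Escape the RFC 4515 special characters in a filter assertion value."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def member_dn(username, fmt=MEMBER_FORMAT):
    """Expand the Group member format for one username."""
    return fmt.replace("${username}", username)

def group_search_filter(username, fmt=MEMBER_FORMAT):
    """Filter equivalent to the group settings: object class plus member match."""
    return "(&(objectClass=groupOfUniqueNames)(member=%s))" % escape_filter_value(
        member_dn(username, fmt))

def normalize_dn(dn):
    """Simplified DN comparison: ignore case and spaces around commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def roles_for(username, groups=GROUPS, fmt=MEMBER_FORMAT):
    """Return the Group ID attribute (cn) of each group listing the user's DN."""
    wanted = normalize_dn(member_dn(username, fmt))
    return sorted(g["cn"] for g in groups
                  if g["objectClass"] == "groupOfUniqueNames"
                  and wanted in {normalize_dn(m) for m in g["member"]})

if __name__ == "__main__":
    print(group_search_filter("alice"))
    print(roles_for("alice"))   # member of both groups
    print(roles_for("bob"))     # matches despite case and spacing differences
    # A format that does not reproduce the stored DN yields no roles at all.
    print(roles_for("alice", fmt="cn=${username},ou=people,dc=example,dc=com"))
```

The filter string printed first can be used with any LDAP search tool against ou=groups to confirm what the directory returns for a given user.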

Map specific roles to groups

In Nexus, log in as an administrator and go to Server Administration and configuration (gear icon)

Select Roles under the Security section

Click Create Role

  • Role ID: e.g. nexus_admin (name in Nexus)
  • Role Name: e.g. nexus_admin (group in lldap)
  • Add privileges/roles as needed, e.g. under Roles add nx-admin to the "contained" list

Click Save