Troubleshooting Tips

How does LDAP/AD group sync/mapping work?

AuthorFullName__c
Joshua Han
articleNumber
000001235
FirstPublishedDate
2016-10-06T13:35:30Z
lastModifiedDate
2025-05-14
VersionNumber
18
  • Check the LDAP attributes returned for the user (e.g. run "ldapsearch joshua") and compare them with the group filter
  • In Artifactory, go to Admin => Security => LDAP Settings => Select and Edit your LDAP setting => Enter a test username and password => Click on Test Connection 
  • Enable more detailed logging by adding the debug loggers below at the end of the $ARTIFACTORY_HOME/etc/logback.xml file. Enabling the debug logs does not require restarting Artifactory.
     
<!--
  Access logback configuration: LDAP debug logging for troubleshooting
  authentication and group sync/mapping.
  Place this fragment inside the root <configuration> element of logback.xml,
  i.e. before the closing </configuration> tag, not after it.
  NOTE(review): trace-level LDAP output is verbose and can be expected to contain
  directory data such as user DNs, group names and search filters. Confirm what
  your version writes before sharing the file, keep access-ldap.log readable only
  by administrators, and remove these loggers once the issue is diagnosed.
-->
<!-- Dedicated rolling file appender so the LDAP output lands in its own file. -->
<appender name="ldap" class="ch.qos.logback.core.rolling.RollingFileAppender">
  <File>${log.dir}/access-ldap.log</File>
  <!-- Archived files are written under ${log.dir.archived} with names ending in .log.gz;
       %i is the archive index, bounded by maxIndex (presumably at most 10 archives are
       retained; confirm against the JFrog rolling policy). -->
  <rollingPolicy class="org.jfrog.common.logging.logback.rolling.FixedWindowWithDateRollingPolicy">
    <FileNamePattern>${log.dir.archived}/access-ldap.%i.log.gz</FileNamePattern>
    <maxIndex>10</maxIndex>
  </rollingPolicy>
  <!-- Roll over once the active file reaches 25MB. -->
  <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
    <MaxFileSize>25MB</MaxFileSize>
  </triggeringPolicy>
  <!-- Line format: UTC timestamp, literal [jfrt ] tag, level, trace id taken from the
       MDC key uber-trace-id, abbreviated logger name and line number, thread, message. -->
  <encoder class="ch.qos.logback.core.encoder.LayoutWrappingEncoder">
    <layout class="org.jfrog.common.logging.logback.layout.BackTracePatternLayout">
      <pattern>%date{yyyy-MM-dd'T'HH:mm:ss.SSS, UTC}Z [jfrt ] [%-5p] [%-16X{uber-trace-id}] [%-30.30(%c{3}:%L)] [%-20.20thread] - %m%n</pattern>
    </layout>
  </encoder>
</appender>

<!-- Every logger below is set to trace and attached only to the "ldap" appender.
     additivity="false" stops the events from also being passed to the appenders of
     parent loggers, so this output is written to access-ldap.log only. -->
<!-- Spring Security LDAP package. -->
<logger name="org.springframework.security.ldap" additivity="false">
  <level value="trace"/>
  <appender-ref ref="ldap"/>
</logger>
<!-- JFrog Access LDAP packages (auth service, client model, REST resources, authentication). -->
<logger name="org.jfrog.access.server.service.auth.ldap" additivity="false">
  <level value="trace"/>
  <appender-ref ref="ldap"/>
</logger>
<logger name="org.jfrog.automation.access.client.model.ldap" additivity="false">
  <level value="trace"/>
  <appender-ref ref="ldap"/>
</logger>
<logger name="org.jfrog.access.server.rest.resource.ldap" additivity="false">
  <level value="trace"/>
  <appender-ref ref="ldap"/>
</logger>
<logger name="org.jfrog.access.server.security.authentication.ldap" additivity="false">
  <level value="trace"/>
  <appender-ref ref="ldap"/>
</logger>
<logger name="org.jfrog.access.server.rest.resource.ui.ldap" additivity="false">
  <level value="trace"/>
  <appender-ref ref="ldap"/>
</logger>