How to configure LDAP using REST clients

To configure your LDAP via command line (e.g., REST API), here are two options:

1. User-plugins

• Artifactory's LDAP Settings Config user plugin allows REST access to your LDAP configuration
• Artifactory's LDAP Groups Config user plugin allows REST access to your LDAP groups configuration

More information on Artifactory user plugins is available HERE.

2. General configuration modifications

You may use our general configuration templates to modify your LDAP entries. Following are the links to the REST APIs you’ll need:

• General Configuration
• Save General Configuration

Thereafter, go to the ldapSettings section of your $JFROG_HOME/artifactory/var/etc/artifactory/artifactory.config.latest.xml file and follow the instructions HERE to bootstrap your config descriptor. 

Following is a sample configuration of two LDAP servers and two LDAP groups:

<ldapSettings>
    <ldapSetting>
        <key>sup-docker</key>
        <enabled>true</enabled>
        <ldapUrl>ldap://abc:389/dc=sup-docker</ldapUrl>
        <search>
            <searchFilter>uid={0}</searchFilter>
            <searchBase></searchBase>
            <searchSubTree>true</searchSubTree>
            <managerDn>cn=admin,dc=sup-docker</managerDn>
            <managerPassword>aaa</managerPassword>
        </search>
        <autoCreateUser>true</autoCreateUser>
        <emailAttribute>mail</emailAttribute>
    </ldapSetting>
    <ldapSetting>
        <key>joshua-AD</key>
        <enabled>true</enabled>
        <ldapUrl>ldap://abc:389/dc=win2012joshua,dc=com</ldapUrl>
        <search>
            <searchFilter>sAMAccountName={0}</searchFilter>
            <searchSubTree>true</searchSubTree>
            <managerDn>CN=Administrator,CN=Users,DC=win2012joshua,DC=com</managerDn>
            <managerPassword>aaa</managerPassword>
        </search>
        <autoCreateUser>true</autoCreateUser>
        <emailAttribute>mail</emailAttribute>
    </ldapSetting>
</ldapSettings>
<ldapGroupSettings>
    <ldapGroupSetting>
        <name>sup-docker-static</name>
        <groupBaseDn>ou=Groups, dc=Support</groupBaseDn>
        <groupNameAttribute>cn</groupNameAttribute>
        <groupMemberAttribute>uniqueMember</groupMemberAttribute>
        <subTree>true</subTree>
        <filter>(objectClass=groupOfUniqueNames)</filter>
        <descriptionAttribute>description</descriptionAttribute>
        <strategy>STATIC</strategy>
        <enabledLdap>sup-docker</enabledLdap>
    </ldapGroupSetting>
    <ldapGroupSetting>
        <name>joshua-AD-dynamic</name>
        <groupBaseDn></groupBaseDn>
        <groupNameAttribute>cn</groupNameAttribute>
        <groupMemberAttribute>memberOf</groupMemberAttribute>
        <subTree>true</subTree>
        <filter>(objectClass=group)</filter>
        <descriptionAttribute>description</descriptionAttribute>
        <strategy>DYNAMIC</strategy>
        <enabledLdap>joshua-AD</enabledLdap>
    </ldapGroupSetting>
</ldapGroupSettings>