As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »


/rest/systemsettings/ldap


Descriptor

Value

HTTP Method

PUT

Description

Sets the values for the LDAP configuration fields.

Required Permission

Manage System Settings

Version Introduced2.5.0.7
Changes in 2.5.2Adds new parameter needed when configuring multiple LDAP servers.


Request Header Parameters

Parameter

Value

Required

Description

Accept

String

Yes

A value of ‘application/json’ must be provided.


Request POST Data Parameters

Must be passed in as a JSON Object

Parameter

Value

Required

Description

url

URL

Yes

URL for LDAP server.

searchBase

String

Yes

The point from which ThreadFix will search for LDAP users from.

userDn

String

Yes

User domain name to use for LDAP queries.


passwordStringYesPassword for user domain name.
loginFilterStringNoOverride filter to get the account of the person logging in.
usersFilterStringNoOverride filter to get the list of users in the directory.
groupsFilterStringNoOverride filter to get the list of groups in the directory.
usersGroupsFilterStringNoOverride filter to get the list of groups for a user.
nameStringYes*Name for LDAP server. *Only required with v2.5.2 REST call or later.


Sample Call:

curl --insecure -X PUT -H "Content-Type: application/json" -H "Authorization: APIKEY {apiKey}" 
-d '{"url": "ldap://your.url.here", "searchBase": "DC=yourBaseHere,DC=org", "userDn": "CN=user,DC=yourBaseHere,DC=org", "password": "userPassword", "loginFilter": "uid={0}", "usersFilter": "objectClass=User", "groupsFilter": "(&(objectClass=group)(cn={0}))", "usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))"}'
http://localhost:8080/threadfix/rest/systemsettings/ldap



-Request to add new LDAP server with name parameter (v2.5.2 forward):

curl --insecure -X PUT -H "Content-Type: application/json" -H "Authorization: APIKEY {apiKey}" -d '{"url": "ldap://your.url.here", "searchBase": "DC=youBaseHere", "userDn": "CN=user,DC=yourBaseHere,DC=org", "password": "userPassword", "loginFilter": "uid={0}", "usersFilter": "objectClass=User", "groupsFilter": "(&(objectClass=group)(cn={0}))", "usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))", name:"LDAP NAME PASSED IN"}'  http://localhost:8080/rest/v2.5.2/systemsettings/ldap


Sample Output:


{
  "message": "",
  "success": true,
  "responseCode": -1,
  "object": {
    "groupsFilter": "(&(objectClass=group)(cn={0}))",
    "password": null,
    "loginFilter": "uid={0}",
    "usersFilter": "objectClass=User",
    "usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))",
    "searchBase": "DC=yourBaseHere,DC=org",
    "url": "ldap://your.url.here",
    "userDn": "CN=user,DC=yourBaseHere,DC=org"
  }
}

  • No labels