As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.
Configure LDAP Settings - API
/rest/{version}/systemsettings/ldap
Descriptor | Value |
|---|---|
HTTP Method | PUT |
Description | Sets the values for the LDAP configuration fields. |
Required Permission | Manage System Settings |
| Version Introduced | 2.5.0.7 |
| Changes in 2.5.2 | Adds new parameter needed when configuring multiple LDAP servers. |
Request Header Parameters
Parameter | Value | Required | Description |
|---|---|---|---|
Accept | String | Yes | A value of ‘application/json’ must be provided. |
Request POST Data Parameters
Must be passed in as a JSON Object
Parameter | Value | Required | Description |
|---|---|---|---|
url | URL | Yes | URL for LDAP server. |
searchBase | String | Yes | The point from which ThreadFix will search for LDAP users from. |
userDn | String | Yes | User domain name to use for LDAP queries. |
| password | String | Yes | Password for user domain name. |
| loginFilter | String | No | Override filter to get the account of the person logging in. |
| usersFilter | String | No | Override filter to get the list of users in the directory. |
| groupsFilter | String | No | Override filter to get the list of groups in the directory. |
| usersGroupsFilter | String | No | Override filter to get the list of groups for a user. |
| name | String | Yes* | Name for LDAP server. *Only required with v2.5.2 REST call or later. |
Sample Call:
curl --insecure -X PUT -H "Content-Type: application/json" -H "Authorization: APIKEY {apiKey}"
-d '{"url": "ldap://your.url.here", "searchBase": "DC=yourBaseHere,DC=org", "userDn": "CN=user,DC=yourBaseHere,DC=org", "password": "userPassword", "loginFilter": "uid={0}", "usersFilter": "objectClass=User", "groupsFilter": "(&(objectClass=group)(cn={0}))", "usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))"}'
http://localhost:8080/threadfix/rest/latest/systemsettings/ldap
-Request to add new LDAP server with name parameter (v2.5.2 forward):
curl --insecure -X PUT -H "Content-Type: application/json" -H "Authorization: APIKEY {apiKey}" -d '{"url": "ldap://your.url.here", "searchBase": "DC=youBaseHere", "userDn": "CN=user,DC=yourBaseHere,DC=org", "password": "userPassword", "loginFilter": "uid={0}", "usersFilter": "objectClass=User", "groupsFilter": "(&(objectClass=group)(cn={0}))", "usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))", name:"LDAP NAME PASSED IN"}' http://localhost:8080/rest/v2.5.2/systemsettings/ldap
Sample Output:
{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"groupsFilter": "(&(objectClass=group)(cn={0}))",
"password": null,
"loginFilter": "uid={0}",
"usersFilter": "objectClass=User",
"usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))",
"searchBase": "DC=yourBaseHere,DC=org",
"url": "ldap://your.url.here",
"userDn": "CN=user,DC=yourBaseHere,DC=org"
}
}
www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.
This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.