As we reach the end of September 2024, ThreadFix version 3.x on-premises has officially reached its End-of-Life. Therefore, there is no longer support or updates for this version of the product. We have fully transitioned our product and development teams to focus ThreadFix SaaS and migrating all customers over from the on-premises versions. Our Customer Success and Support teams are here to help you in migrating to ThreadFix SaaS and maximizing the value you see from this improved offering from Coalfire. This is the next phase of ThreadFix and our team is looking forward to continuing to support you on this journey.
Configure LDAP Settings 3.0 - API
- Daniel Colon
/rest/{version}/systemsettings/ldap
Descriptor | Value |
|---|---|
HTTP Method | PUT |
Description | Sets the values for the LDAP configuration fields. |
Required Permission | Manage System Settings |
Version Introduced | 2.5.0.7 |
Changes in 2.5.2 | Adds new parameter needed when configuring multiple LDAP servers. |
Request Header Parameters
Parameter | Value | Required | Description |
|---|---|---|---|
Accept | String | Yes | A value of ‘application/json’ must be provided. |
Request POST Data Parameters
Must be passed in as a JSON Object
Parameter | Value | Required | Description |
|---|---|---|---|
url | URL | Yes | URL for LDAP server. |
searchBase | String | Yes | The point from which ThreadFix will search for LDAP users from. |
userDn | String | Yes | User domain name to use for LDAP queries. |
password | String | Yes | Password for user domain name. |
loginFilter | String | No | Override filter to get the account of the person logging in. |
usersFilter | String | No | Override filter to get the list of users in the directory. |
groupsFilter | String | No | Override filter to get the list of groups in the directory. |
usersGroupsFilter | String | No | Override filter to get the list of groups for a user. |
name | String | Yes* | Name for LDAP server. *Only required with v2.5.2 REST call or later. |
Sample Call:
curl --insecure -X PUT -H "Content-Type: application/json" -H "Authorization: APIKEY {apiKey}"
-d '{"url": "ldap://your.url.here", "searchBase": "DC=yourBaseHere,DC=org", "userDn": "CN=user,DC=yourBaseHere,DC=org", "password": "userPassword", "loginFilter": "uid={0}", "usersFilter": "objectClass=User", "groupsFilter": "(&(objectClass=group)(cn={0}))", "usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))"}'
http://localhost:8080/threadfix/rest/latest/systemsettings/ldap-Request to add new LDAP server with name parameter (v2.5.2 forward):
curl --insecure -X PUT -H "Content-Type: application/json" -H "Authorization: APIKEY {apiKey}" -d '{"url": "ldap://your.url.here", "searchBase": "DC=youBaseHere", "userDn": "CN=user,DC=yourBaseHere,DC=org", "password": "userPassword", "loginFilter": "uid={0}", "usersFilter": "objectClass=User", "groupsFilter": "(&(objectClass=group)(cn={0}))", "usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))", name:"LDAP NAME PASSED IN"}' http://localhost:8080/rest/v2.5.2/systemsettings/ldap
Sample Output:
{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"groupsFilter": "(&(objectClass=group)(cn={0}))",
"password": null,
"loginFilter": "uid={0}",
"usersFilter": "objectClass=User",
"usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))",
"searchBase": "DC=yourBaseHere,DC=org",
"url": "ldap://your.url.here",
"userDn": "CN=user,DC=yourBaseHere,DC=org"
}
} www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.
This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.