Configure LDAP Settings 3.0 - API
/rest/{version}/systemsettings/ldap
Descriptor | Value |
---|---|
HTTP Method | PUT |
Description | Sets the values for the LDAP configuration fields. |
Required Permission | Manage System Settings |
Version Introduced | 2.5.0.7 |
Changes in 2.5.2 | Adds new parameter needed when configuring multiple LDAP servers. |
Request Header Parameters
Parameter | Value | Required | Description |
---|---|---|---|
Accept | String | Yes | A value of ‘application/json’ must be provided. |
Request POST Data Parameters
Must be passed in as a JSON Object
Parameter | Value | Required | Description |
---|---|---|---|
url | URL | Yes | URL for LDAP server. |
searchBase | String | Yes | The point from which ThreadFix will search for LDAP users from. |
userDn | String | Yes | User domain name to use for LDAP queries. |
password | String | Yes | Password for user domain name. |
loginFilter | String | No | Override filter to get the account of the person logging in. |
usersFilter | String | No | Override filter to get the list of users in the directory. |
groupsFilter | String | No | Override filter to get the list of groups in the directory. |
usersGroupsFilter | String | No | Override filter to get the list of groups for a user. |
name | String | Yes* | Name for LDAP server. *Only required with v2.5.2 REST call or later. |
Sample Call:
curl --insecure -X PUT -H "Content-Type: application/json" -H "Authorization: APIKEY {apiKey}"
-d '{"url": "ldap://your.url.here", "searchBase": "DC=yourBaseHere,DC=org", "userDn": "CN=user,DC=yourBaseHere,DC=org", "password": "userPassword", "loginFilter": "uid={0}", "usersFilter": "objectClass=User", "groupsFilter": "(&(objectClass=group)(cn={0}))", "usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))"}'
http://localhost:8080/threadfix/rest/latest/systemsettings/ldap
-Request to add new LDAP server with name parameter (v2.5.2 forward):
curl --insecure -X PUT -H "Content-Type: application/json" -H "Authorization: APIKEY {apiKey}" -d '{"url": "ldap://your.url.here", "searchBase": "DC=youBaseHere", "userDn": "CN=user,DC=yourBaseHere,DC=org", "password": "userPassword", "loginFilter": "uid={0}", "usersFilter": "objectClass=User", "groupsFilter": "(&(objectClass=group)(cn={0}))", "usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))", name:"LDAP NAME PASSED IN"}' http://localhost:8080/rest/v2.5.2/systemsettings/ldap
Sample Output:
{
"message": "",
"success": true,
"responseCode": -1,
"object": {
"groupsFilter": "(&(objectClass=group)(cn={0}))",
"password": null,
"loginFilter": "uid={0}",
"usersFilter": "objectClass=User",
"usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))",
"searchBase": "DC=yourBaseHere,DC=org",
"url": "ldap://your.url.here",
"userDn": "CN=user,DC=yourBaseHere,DC=org"
}
}
www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.
This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.