As of December 31st, 2023 ThreadFix 2.X has reached End of Life and is no longer supported. For any further information please contact the Success and Implementation team.

Configure LDAP Settings - API

Owned by David Harrison (Unlicensed)
Last updated: Nov 18, 2019 by Hector Ruiz (Unlicensed)
1 min read

/rest/{version}/systemsettings/ldap


Descriptor

Value

HTTP Method

PUT

Description

Sets the values for the LDAP configuration fields.

Required Permission

Manage System Settings

Version Introduced2.5.0.7
Changes in 2.5.2Adds new parameter needed when configuring multiple LDAP servers.


Request Header Parameters

Parameter

Value

Required

Description

Accept

String

Yes

A value of ‘application/json’ must be provided.


Request POST Data Parameters

Must be passed in as a JSON Object

Parameter

Value

Required

Description

url

URL

Yes

URL for LDAP server.

searchBase

String

Yes

The point from which ThreadFix will search for LDAP users from.

userDn

String

Yes

User domain name to use for LDAP queries.


passwordStringYesPassword for user domain name.
loginFilterStringNoOverride filter to get the account of the person logging in.
usersFilterStringNoOverride filter to get the list of users in the directory.
groupsFilterStringNoOverride filter to get the list of groups in the directory.
usersGroupsFilterStringNoOverride filter to get the list of groups for a user.
nameStringYes*Name for LDAP server. *Only required with v2.5.2 REST call or later.


Sample Call:

curl --insecure -X PUT -H "Content-Type: application/json" -H "Authorization: APIKEY {apiKey}" 
-d '{"url": "ldap://your.url.here", "searchBase": "DC=yourBaseHere,DC=org", "userDn": "CN=user,DC=yourBaseHere,DC=org", "password": "userPassword", "loginFilter": "uid={0}", "usersFilter": "objectClass=User", "groupsFilter": "(&(objectClass=group)(cn={0}))", "usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))"}'
http://localhost:8080/threadfix/rest/latest/systemsettings/ldap



-Request to add new LDAP server with name parameter (v2.5.2 forward):

curl --insecure -X PUT -H "Content-Type: application/json" -H "Authorization: APIKEY {apiKey}" -d '{"url": "ldap://your.url.here", "searchBase": "DC=youBaseHere", "userDn": "CN=user,DC=yourBaseHere,DC=org", "password": "userPassword", "loginFilter": "uid={0}", "usersFilter": "objectClass=User", "groupsFilter": "(&(objectClass=group)(cn={0}))", "usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))", name:"LDAP NAME PASSED IN"}'  http://localhost:8080/rest/v2.5.2/systemsettings/ldap


Sample Output:


{
  "message": "",
  "success": true,
  "responseCode": -1,
  "object": {
    "groupsFilter": "(&(objectClass=group)(cn={0}))",
    "password": null,
    "loginFilter": "uid={0}",
    "usersFilter": "objectClass=User",
    "usersGroupsFilter": "(&(memberUid={0})(objectClass=posixGroup))",
    "searchBase": "DC=yourBaseHere,DC=org",
    "url": "ldap://your.url.here",
    "userDn": "CN=user,DC=yourBaseHere,DC=org"
  }
}

www.threadfix.it | www.coalfire.com
Copyright © 2024 Coalfire. All rights reserved.

This Information Security Policy is CoalFire - Public: Distribution of this material is not limited.