Repository Management with Nexus

8.6. Mapping Users and Groups with Active Directory

When mapping users and groups to an Active Directory installation, try the common configuration values listed in Table 8.2, “User Element Mapping Configuration for Active Directory” and Table 8.3, “Group Element Mapping Configuration for Active Directory”.

Table 8.1. Connection and Authentication Configuration for Active Directory

Configuration Element Configuration Value

Protocol

ldap

Hostname

Hostname of Active Directory Server

Port

389 (or port of AD server)

Search Base

DC=yourcompany,DC=com (customize for your organization)

Authentication

Simple Authentication

Username

CN=Administrator,CN=Users,DC=yourcompany,DC=com


Table 8.2. User Element Mapping Configuration for Active Directory

Configuration Element Configuration Value

Base DN

cn=users

User Subtree

false

Object Class

user

User ID Attribute

sAMAccountName

Real Name Attribute

cn

E-Mail Attribute

mail

Password Attribute

(Not Used)


Table 8.3. Group Element Mapping Configuration for Active Directory

Configuration Element Configuration Value

Group Type

Dynamic Groups

Member Of Attribute

memberOf


[Warning]

You should connect to the AD through port 3268 if you have a multi-domain, distributed Active Directory forest. Connecting directly to port 389 might lead to errors. Port 3268 exposes Global Catalog Server, which exposed the distributed data. The SSL equivalent connection port is 3269.