Repository Management with Nexus

8.8. Mapping Roles to LDAP Users

Once User and Group Mapping has been configured, you can verify how LDAP users and groups are mapped to Nexus roles. If a user is a member of an LDAP group whose Group ID corresponds to the ID of a Nexus role, that user is granted the permissions of that role in Nexus. For example, if the LDAP user entry uid=brian,ou=users,dc=sonatype,dc=com is a member of a groupOfUniqueNames group named admin, then when this user logs into Nexus, he/she will be granted the Nexus administrator role, provided the Group Element Mapping is configured properly. To verify the User Element Mapping and Group Element Mapping, click on Check User Mapping in the LDAP Configuration panel, directly below the Group Element Mapping section. Figure 8.7, “Checking the User and Group Mapping in LDAP Configuration” shows the results of this check.

Figure 8.7. Checking the User and Group Mapping in LDAP Configuration


In Figure 8.7, “Checking the User and Group Mapping in LDAP Configuration”, Nexus LDAP Integration locates a user with a User ID of "brian" who is a member of the "admin" group. When brian logs in, he will have all of the rights that the admin Nexus Role has.
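
The matching rule described above can be modeled offline to review who would receive a role before anyone logs in. The following is an added example, not code from Nexus or from this book. It assumes static groups with the Group ID in cn and member DNs in uniqueMember, an exact match between Group ID and role ID, and constructed sample data: the user jcoder, the groups developer and contractors, and the role ID developer are hypothetical.

```python
"""Offline model of the LDAP group-to-role mapping check (added example)."""

# Constructed sample: static group entries as an LDAP search might return them.
# Assumed schema: group ID in cn, members listed as full DNs in uniqueMember.
GROUPS = [
    {"cn": "admin",
     "uniqueMember": ["uid=brian,ou=users,dc=sonatype,dc=com"]},
    {"cn": "developer",
     "uniqueMember": ["uid=brian,ou=users,dc=sonatype,dc=com",
                      "UID=jcoder, OU=users, DC=sonatype, DC=com"]},
    {"cn": "contractors",
     "uniqueMember": ["uid=jcoder,ou=users,dc=sonatype,dc=com"]},
]

# "admin" is the role named on the page; "developer" is a hypothetical role ID.
NEXUS_ROLE_IDS = {"admin", "developer"}


def normalize_dn(dn):
    """Simplified DN comparison key: trim each RDN and fold case.
    Does not handle escaped commas inside attribute values."""
    return ",".join(part.strip().lower() for part in dn.split(","))


def check_user_mapping(user_dn, groups=GROUPS, role_ids=NEXUS_ROLE_IDS):
    """Return the LDAP groups a user belongs to and the roles they map to."""
    key = normalize_dn(user_dn)
    member_of = sorted(
        g["cn"] for g in groups
        if key in {normalize_dn(m) for m in g.get("uniqueMember", [])}
    )
    return {
        "groups": member_of,
        # A role is granted only when a Group ID equals a role ID (assumed exact).
        "roles": [g for g in member_of if g in role_ids],
        "unmapped": [g for g in member_of if g not in role_ids],
    }


def users_with_role(role_id, groups=GROUPS):
    """List every member DN that would receive role_id via group membership."""
    return sorted({normalize_dn(m) for g in groups if g["cn"] == role_id
                   for m in g.get("uniqueMember", [])})


if __name__ == "__main__":
    print(check_user_mapping("uid=brian,ou=users,dc=sonatype,dc=com"))
    print("admin holders:", users_with_role("admin"))
```

Listing the members of the admin group this way gives a reviewable record of who holds administrator rights purely through directory membership.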