Sonatype CLM Server - Security Administration Guide
As mentioned, the example above is a basic setup. Specifically, we do not turn on the User Subtree option or utilize the User Filter. Descriptions for those fields, as well as all available parameters for mapping LDAP User Attributes to Sonatype CLM have been provided below. When applicable, required fields have been noted.
- Base DN (required)
- Corresponds to the Base DN (Distinguished Name) containing user entries. This DN is going to be relative to the Search Base. For example, if your users are all contained in "cn=users,dc=sonatype,dc=com" and you specified a Search Base of "dc=sonatype,dc=com" you would use a value of "cn=users"
- User Subtree
- Enable this parameter if there is a tree below the Base DN which can contain user entries. For example, if all users are in "cn=users" this field should not be toggled. However, if users can appear in organizational units below "cn=users", such as "ou=development,cn=users,dc=sonatype,dc=com" this field should be toggled
- Object Class (required)
- The object class defines what attributes are expected for a given object. What is entered here must be the object class for the User ID Attribute, Real Name Attribute, Email Attribute, and the Password Attribute.
- User Filter
- The user filter allows you to isolate a specific set of users under the Base DN.
- User ID Attribute (required)
- This is the attribute of the Object class which supplies the User ID.
- Real Name Attribute (required)
- This is the attribute of the Object class which supplies the real name of the user.
- E-Mail Attribute (required)
- This is the attribute of the Object class which supplies the email address of the user.
- Password Attribute
- This is the attribute of the Object class which supplies the User Password. By default it is not toggled, which means authentication will occur as a bind to the LDAP server. Otherwise this is the attribute of the Object class which supplies the password of the user.