Integrating Artifactory with Active Directory LDAP

In my previous post, I went over how to spin up Artifactory OSS on Docker. This time I will go over how to integrate it with LDAP. This was a bit of a struggle because the examples I found online were not very clear: they hide the actual values. I'm going to expose mine because it's just my personal lab environment, and I'm hoping it will help some people out there.

Basic Data

  • Windows Server 2019 already installed and configured.
  • Created UsersOU as the very basic organizational unit. I have all my users in it.
  • svcldap is the account I’m using for the binding account.
  • svcldap is configured to be able to read the OU information. (I have not gone over this one in my blog, but I will work on it later.)
  • The OU (Organizational Unit) to use is UsersOU in this example. All users exist in this OU.
  • The domain is homenet.iriumi.ad.

LDAP Configuration in Artifactory

With the information above, follow the instructions below to have the users authenticate against LDAP on Windows Server 2019.

First, log in to Artifactory as an admin and navigate to LDAP.

Here is the detailed information on the configuration with my actual lab environment.

LDAP Settings

    • Enabled: check
    • Settings name: homenet (or whatever you want. It’s just a label.)
    • LDAP URL: ldap://pdc01.homenet.iriumi.ad:389/dc=homenet,dc=iriumi,dc=ad
      SSL is not enabled in my environment, so 389. If it’s enabled, it would be 686.
    • Auto Create Artifactory Users: check
    • Allow Created Users Access To Profile Page: check
    • User DN Pattern: uid={0},ou=UsersOU
    • Email Attribute: mail
    • Search Filter: sAMAccountName={0}
    • Search Base: ou=UsersOU
    • Secure LDAP Search: check
    • Search Sub-tree: check
    • Manager DN: CN=svcldap,OU=UsersOU,DC=homenet,DC=iriumi,DC=ad 
    • Manager Password: The password for svcldap

Here is the actual image of the settings.

Once the Test LDAP Connection is successful, use your credentials to log in to Artifactory. Logging in to Artifactory creates the account in it. Once that's done, log out and log back in as admin. Make your user an admin and then log back in as the LDAP user. You're all good to go!
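To check the values above independently of Artifactory, the following added example (not part of the original post and not Artifactory's code) resolves the form fields into the search a login triggers and prints an equivalent OpenLDAP `ldapsearch` command. It assumes Search Base is relative to the base DN in the LDAP URL; the function names and the login names `jdoe` and `j*` are constructed for illustration.

```python
import shlex
from urllib.parse import urlsplit, unquote

# RFC 4515: characters that must be escaped inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

def escape_filter_value(value):
    """Escape a login name so it cannot change the meaning of the filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def effective_search(ldap_url, search_base, search_filter, username, subtree=True):
    """Resolve the LDAP form fields into the search issued for one login name."""
    parts = urlsplit(ldap_url)
    if parts.scheme not in ("ldap", "ldaps"):
        raise ValueError("not an LDAP URL: " + ldap_url)
    base_dn = unquote(parts.path.lstrip("/"))
    # Assumption: Search Base is relative to the base DN in the URL path.
    full_base = ",".join(p for p in (search_base.strip(), base_dn) if p)
    flt = search_filter.replace("{0}", escape_filter_value(username))
    if not flt.startswith("("):
        flt = "(" + flt + ")"
    return {
        "server": parts.scheme + "://" + parts.netloc,
        "base": full_base,
        "scope": "sub" if subtree else "one",
        "filter": flt,
        # A simple bind over ldap:// sends the Manager DN password unencrypted.
        "cleartext_bind": parts.scheme == "ldap",
    }

def ldapsearch_command(search, manager_dn, attrs=("mail",)):
    """Render the search as an ldapsearch call; -W prompts for the password."""
    argv = ["ldapsearch", "-H", search["server"], "-D", manager_dn, "-W",
            "-b", search["base"], "-s", search["scope"], search["filter"]]
    return shlex.join(argv + list(attrs))

if __name__ == "__main__":
    # Field values as entered in the post; "jdoe" and "j*" are constructed.
    url = "ldap://pdc01.homenet.iriumi.ad:389/dc=homenet,dc=iriumi,dc=ad"
    manager = "CN=svcldap,OU=UsersOU,DC=homenet,DC=iriumi,DC=ad"
    for name in ("jdoe", "j*"):
        s = effective_search(url, "ou=UsersOU", "sAMAccountName={0}", name)
        print(ldapsearch_command(s, manager))
        print("  cleartext bind:", s["cleartext_bind"])
```

Running the printed command for a known account should return exactly one entry with its `mail` attribute; that confirms the Manager DN, Search Base and Search Filter agree before the settings are saved.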

Author: admin

A software engineer in greater Seattle area
