Using YAML: I am trying to use the YAML configuration to add LDAP setting for Artifactory JCR. Tried using the helm chart version 107.63.7
(App ver.7.63.7
) based on the following suggestion "Alternatively, from Artifactory version 7.63 and forward, you can use the Access Configuration Bootstrap YAML to set up authentication provider configuration" from this page. Checking the upstream
helm chart, I could not find any mention of access.security.bootstrap.yml
. This made me think whether the helm chart is up-to-date with the latest changes. I instead thought of appending the LDAP settings block to the following secret and although I could see the copy-system-configurations
container copying the stuff to /var/opt/jfrog/artifactory/etc/access/access.config.patch.yml
but LDAP didn't work. This is one issue.
stringData:
access.config.patch.yml: |
security:
tls: false
ldapSettings:
...
...
Using API: Since above didn't work, I reverted to version 7.59.11
after I came across this link and tried the POST command but that always keep throwing the same error.
$ curl -s -u admin:cmVm...redacted...MjIz -X POST https://jcr.my.domain.com/access/api/v1/ldap/settings -H "Content-Type: application/json" -T ldap.json
{"errors":[{"code":"UNAUTHORIZED","message":"HTTP 401 Unauthorized","detail":"Request has failed. Due to incorrect username/password or locked user."}]}
Also tried this form but same result:
$ curl -s -u admin:cmVm...redacted...MjIz -X POST https://jcr.my.domain.com/access/api/v1/ldap/settings -H "Content-Type: application/json" -d @ldap.json
Few things I would like to mention:
Identity Token
for admin userLock User After Exceeding Max Failed Login Attempts
is disabled.I would preferably like to use the method that the docs suggest for the latest version i.e., using the access.security.bootstrap.yml
instead of running the API command but any help will be appreciated. Even better if I get to know how to get both the methods working.
Using Identity Token
, this is the syntax that finally worked for me:
curl -H "Authorization: Bearer xyZd...SUpx" "https://<my-artifactory>/access/api/v1/ldap/settings" -d @ldap.json -H 'Content-Type: application/json'