I wanted to use LDAP to give access to the nexus repository manager from sonatype for those users who need more access than just browsing.
OpenDS 2.2.0 Nexus OSS 1.8.0 All users are directly under ou=people, dc=chrissearle, dc=net and are of type inetOrgPerson. All role groups are under ou=groups, dc=chrissearle, dc=net A system user is cn=nexus, ou=users, dc=chrissearle, dc=net (because I have disabled anonymous access to OpenDS). Click to view full size: Sonatype Nexus Maven Repository Manager Sonatype Nexus Maven Repository Manager Click to view full size: Sonatype Nexus Maven Repository Manager Sonatype Nexus Maven Repository Manager Make sure the Check Authentication button is OK
Click to view full size: Sonatype Nexus Maven Repository Manager Sonatype Nexus Maven Repository Manager Since the password field is blank it will actually perform a bind on ldap to test.
Click to view full size: Sonatype Nexus Maven Repository Manager Sonatype Nexus Maven Repository Manager Here I had to change the default Group Member Format from ${username} to${dn} because I map the full dn in my group of unique names objects.
Hit the Check User Mapping button:
You should see all your users with their groups
Click to view full size: Sonatype Nexus Maven Repository Manager Sonatype Nexus Maven Repository Manager Add an external role mapping. For example - here we map the LDAP group nexusadmin to the Nexus Administration Role
Click to view full size: Sonatype Nexus Maven Repository Manager Sonatype Nexus Maven Repository Manager Head down the page to security settings and make sure that LDAP is selected. Without this LDAP users will not be able to log in but they will look fine in the Security > Users list.
Click to view full size: Sonatype Nexus Maven Repository Manager Sonatype Nexus Maven Repository Manager That should be enough to give your LDAP users a working login.