Reputation: 11
I have a problem integrating JFrog Artifactory with Azure LDAPS. The Azure side is successfully configured; I get a response by telnet on port 636.
The logs in Artifactory show this error:
Error connecting to the LDAP server: org.springframework.security.authentication.AuthenticationServiceException: User name.surname@bi****.de failed to authenticate
I understand that this error points to my user. But the credentials for this user are 100% correct, since I have enabled Azure Active Directory Services with the user, enabled LDAPS and so on.
Can anyone specify in more detail what I was doing wrong in the picture below?
Upvotes: 0
Views: 2632
Reputation: 1706
The search filter is incorrect, but the correct value will depend on what the users will log on with. If it's their AD username, you would use "sAMAccountName={0}" but the test ID you are using appears to be an e-mail address. To authenticate with your primary e-mail address, use "mail={0}" as the search filter.
Most likely "manager DN" / "manager password" needs a value as well. When you attempt to authenticate, the server connects to the LDAP service and binds with the "manager" account. It then searches for mail= and retrieves the fully qualified DN (FQDN) of the located object. The user-supplied password is then validated by attempting to bind with the retrieved FQDN and user-supplied password. If anonymous users have read access to the directory, you wouldn't need a manager DN/password. Anonymous read access is atypical for AD/Azure AD.
I use a "service" (i.e. non-user) account for my manager account -- using an actual user's account means someone has to come back and change the config every time the user updates their password. I set a long/complex password on service accounts and increase the password expiry time-frame so admins aren't re-configuring their applications monthly.
Upvotes: 0
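The search-then-bind sequence described in the answer above, as an added example that is not part of the original answer or of Artifactory's code: a small in-memory model showing why the filter attribute has to match what users type, and why the login value is escaped before it is substituted for `{0}`. The directory entries, DNs and passwords are constructed sample data, and all function names are hypothetical.

```python
import re

# Constructed sample directory: DN -> attributes and password (not real data).
MANAGER_DN = "CN=svc-artifactory,OU=AADDC Users,DC=example,DC=test"
DIRECTORY = {
    "CN=Jane Doe,OU=AADDC Users,DC=example,DC=test": {
        "attrs": {"sAMAccountName": "jdoe", "mail": "jane.doe@example.test"},
        "password": "user-secret",
    },
    MANAGER_DN: {"attrs": {"sAMAccountName": "svc-artifactory"},
                 "password": "manager-secret"},
}

def escape_filter_value(value):
    """Escape RFC 4515 special characters so a login cannot change the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def build_filter(template, login):
    """Substitute the escaped login for {0}, e.g. 'mail={0}'."""
    return template.replace("{0}", escape_filter_value(login))

def bind(dn, password):
    """Simple bind: needs a known DN and a matching, non-empty password."""
    entry = DIRECTORY.get(dn)
    return bool(password) and entry is not None and entry["password"] == password

def search(ldap_filter):
    """Evaluate a single 'attr=value' filter (the form used on this page)."""
    attr, _, raw = ldap_filter.partition("=")
    if raw == "*":  # presence filter: every entry that has the attribute
        return [dn for dn, e in DIRECTORY.items() if attr in e["attrs"]]
    value = re.sub(r"\\([0-9a-fA-F]{2})",
                   lambda m: chr(int(m.group(1), 16)), raw).lower()
    return [dn for dn, e in DIRECTORY.items()
            if attr in e["attrs"] and e["attrs"][attr].lower() == value]

def authenticate(template, manager_dn, manager_pw, login, password):
    # Step 1: bind as the manager (service) account to get read access.
    if not bind(manager_dn, manager_pw):
        return "manager bind failed"
    # Step 2: search for exactly one entry matching the login.
    matches = search(build_filter(template, login))
    if len(matches) != 1:
        return "user not found"
    # Step 3: re-bind as the located DN with the user-supplied password.
    return "ok" if bind(matches[0], password) else "bad password"
```

With a correct password, an e-mail login still fails under `sAMAccountName={0}` because step 2 finds no entry, so the user's password is never tested.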