Is there a way to get all LDAP users from Nexus API?

ado · July 6, 2020, 1:19pm

Hello! We have a situation where we need to get all domain users through Nexus API.
But in Swagger (and we also tried to it via curl-request) and as the documentation says it will give only the first 100 results.

Is there any pagination mechanism under the hood that we can use to get all users from LDAP?

jtom · July 6, 2020, 6:55pm

There isn’t as written. We have a ticket in our backlog https://issues.sonatype.org/browse/NEXUS-21388 which I think suits what you are looking for. Please watch/vote if I am right.
-Joe

ado · July 7, 2020, 4:58am

Okay, thank you.

mprescott · July 8, 2020, 7:34pm

@ado, out of curiosity, what are you trying to do with the LDAP user list?

ado · July 9, 2020, 4:47am

We have a corporate permission system, that grants granular right to any user.
I want to create integration between Nexus and this system. There is no problem to assign Nexus roles to LDAP-user via API. The main point is that the system creates a domain group. This system has a role model also. So we have a role that point as to the specific domain group with a list of users. I grab this list of users, check some properties (which will tell for which repository this group need access to) and assign some Nexus Role to this LDAP-user.

In my case it will be cool, if I can grab all users from LDAP via Nexus (cause we have internal Nexus roles in the LDAP-user model), cache it and build a diff between specific domain group which points to specific Nexus role and this list. If some changes present - revoke, or add nexus Roles to user\users in this group.

For now we have about 20 repositories, including docker registry(and when we create a private namespace our automation process creates all objects inside Nexus (content-selector,privilege,role), domain group in which end users will be present, and sync daemon, which grabs users from this group and assign nexus Role to them.

As I mention before - we have no problems to assign role, but because of Nexus can’t grab more than 100 users we can’t build diff to revoke nexus roles from users if something changes.

jeremydelmotte · January 11, 2024, 4:03pm

Hello,

Sorry to come back to such an old ticket but I would like to know what is going on? because I would also need to be able to list all my LDAP users (greater than 500)

Regards,

Jeremy