No, once your LDAP connection is configured correctly you shouldn’t have to create any users in Nexus Repository Manager. Use the “Verify User Mapping” button to check that LDAP seems to be mapping some users you recognize, then use the “Verify login” button to test some user credentials.
However, every user that logs in with LDAP is an administrator.
I’ve mapped a Role to an LDAP group and gave that Role some access. But that doesn’t seem to work. Every LDAP users seems to have Administrator rights…
From the logs I can’t seem to see a lot… Is there a way to see more logging concerning LDAP and the Role/Privileges?
2022-06-22 11:13:52,253+0200 TRACE [qtp1484350385-630] lievenc org.apache.shiro.realm.AuthorizingRealm - Retrieving AuthorizationInfo for principals [lievenc]
2022-06-22 11:13:52,253+0200 TRACE [qtp1484350385-630] lievenc org.apache.shiro.realm.AuthorizingRealm - Attempting to retrieve the AuthorizationInfo from cache.
2022-06-22 11:13:52,253+0200 TRACE [qtp1484350385-630] lievenc org.apache.shiro.realm.AuthorizingRealm - AuthorizationInfo found in cache for principals [lievenc]
2022-06-22 11:13:52,253+0200 TRACE [qtp1484350385-630] lievenc org.sonatype.nexus.security.authz.ExceptionCatchingModularRealmAuthorizer - Realm: NexusAuthorizingRealm user: lievenc has permission: nexus:logging:read
2022-06-22 11:13:52,253+0200 TRACE [qtp1484350385-630] lievenc org.sonatype.nexus.common.stateguard.GuardedInterceptor - Invoking: GuardImpl{allowed=[STARTED]} → public java.io.InputStream org.sonatype.nexus.internal.log.LogbackLogManager.getLogFileStream(java.lang.String,long,long) throws java.io.IOException
2022-06-22 11:13:52,253+0200 DEBUG [qtp1484350385-630] lievenc org.sonatype.nexus.internal.log.LogbackLogManager - Retrieving log file
2022-06-22 11:13:52,253+0200 TRACE [qtp1484350385-630] lievenc org.sonatype.nexus.common.stateguard.GuardedInterceptor - Invoking: GuardImpl{allowed=[STARTED]} → public java.io.File org.sonatype.nexus.internal.log.LogbackLogManager.getLogFile(java.lang.String)
2022-06-22 11:13:52,253+0200 TRACE [qtp1484350385-630] lievenc org.sonatype.nexus.common.stateguard.GuardedInterceptor - Invoking: GuardImpl{allowed=[STARTED]} → public java.util.Set org.sonatype.nexus.internal.log.LogbackLogManager.getLogFiles()