Nexus does not list all available LDAP groups in external role mapping dialog

This is a known issue when using Nexus against Acitve Directory servers with very large numbers of groups, we will be fixing this in a future release.

As a workaround, you can try manually typing in the role name for the mapping.  This usually works, but in some cases it will still fail.

However, there is another workaround which will get you going if you run into this problem.  Just create a regular (non-mapped) Nexus role with the same name as your AD group. Nexus expects role ID's to be unique in the system regardless of what security realm they come from, so it will map the privileges associated with this role to any LDAP user who is a member of a group with the same name.

Have more questions? Submit a request

8 Comments

  • 0
    Avatar
    Peter Brodt

    Hi Rich,

    is there anything in plan to solve the problem. The workaround only works with Nexus Admin Role bound to the non mapped pseudo AD-Nexus-Group. I must miss an important role or privilege but I have no idea which.

    We only get around this problem by adding each user to Nexus.

    Peter

  • 0
    Avatar
    Peter Brodt

    I forgot, we are running Sonatype Nexus™ Professional Edition, Version: 2.11.1-01.

  • 0
    Avatar
    Rich Seddon

    The solution above is not restricted to any particular role, it works for all roles.  It sounds like something else is going on. Can you raise a support ticket?

  • 0
    Avatar
    Mario Majcica
    I'm also experiencing the same problem. Some groups are listed, some other are missing. However the Nexus Role workaround works fine. Thanks
  • 0
    Avatar
    Shai Gilboa

    I'm also having the same issues. Nexus 2.12.0-01.

    Using Dynamic Groups type for the mapping.

    Any solution planned for this?

    Thanks

  • 0
    Avatar
  • 0
    Avatar
    Jirong Hu

    This issue is still not fixed in Nexus 3, M7. The workaround is same: create Nexus Role with the same names.

  • 0
    Avatar
    Peter Lynch

    We are closing this article for comments.

    If you have a support license, please contact us by submitting a support ticket.

    If you do not have a support license, please use our Nexus Users List or our other free support resources.

Article is closed for comments.
Powered by Zendesk