How can I prevent disabled Active Directory users from accessing the server with their user token?

Visit for documentation on Nexus Repository version 2.

If you have configured Nexus Repository 2 to authenticate using Active Directory, and you are making use of the User Token feature in Nexus Repository 2, professional you will find that users will still be able to access the server using their user tokens even if you have disabled their Active Directory accounts.

Of course you can work around this by editing the user in Nexus Repository and clicking on "reset token".  However, there is a better way to prevent this.

Go to "security/ldap", click on the "user & group settings" tab.

Then set the "user filter" field as follows:


This will prevent disabled users from showing up in LDAP search results. And user tokens will not work for users that cannot be found in any configured security realm.

Note that the above configuration will only work for Active Directory.

Have more questions? Submit a request


Article is closed for comments.