LDAPConfiguration

Configuration of LDAP parameters associated with an enterprise. This will enable authentication through an external LDAP server for this enterprise.

Overview

acceptAllCertificates boolean
authorizationEnabled boolean filterable  
authorizingUserDN string required  
certificate string
enabled boolean filterable  
entityScope enum (ENTERPRISE | GLOBAL) autogenerated   filterable   orderable  
externalID string filterable   orderable   locally unique  
groupDN string required  
groupNamePrefix string
groupNameSuffix string
lastUpdatedBy string autogenerated  
password string
port string required   filterable  
server string required   filterable   orderable  
SSLEnabled boolean
userDNTemplate string

API Resource

/ldapconfigurations/id
get put

Parents

/enterprises/id/ldapconfigurations
get

Children

/ldapconfigurations/id/metadatas
get post
/ldapconfigurations/id/globalmetadatas
get post put

Members

This object has no members.

Attributes documentation

acceptAllCertificates boolean
Discussion

Accept all certificates from the LDAP server

Charateristics

Format: free
SDK attribute: acceptAllCertificates

authorizationEnabled boolean filterable  
Discussion

To enable LDAP authorization for an enterprise, both authorizationEnabled and enabled attributes must be set to true. If enabled attribute is not set, this attribute is ignored. The relationship between enabled and authorizationEnabled attributes is as follows, enabled = true, authorizationEnabled = false, LDAP is used only for Authentication. enabled = true, authorizationEnabled = true, LDAP is used for both authentication and authorization. enabled = false, authorizationEnabled = true, LDAP is not used. enabled = false, authorizationEnabled = false, LDAP is not used.

Charateristics

Format: free
SDK attribute: authorizationEnabled

authorizingUserDN string required  
Discussion

This attribute is a mandatory field for LDAP authorization. When LDAP is used for authorization for an enterprise, the user DN that will be used to verify the integrity of groups and users in LDAP server for the enterprise. For example, CN=groupAdmin,OU=VSD_USERS,OU=Personal,OU=Domain Users,DC=company,DC=com

Charateristics

Format: free
SDK attribute: authorizingUserDN

certificate string
Discussion

The certificate to authenticate with the LDAP server

Charateristics

Format: free
SDK attribute: certificate

enabled boolean filterable  
Discussion

To enable LDAP authentication for an enterprise, set this attribute to true. If enabled is set to false, authorizationEnabled attribute is ignored and LDAP is not used for authentication as well as authorization. The relationship between enabled and authorizationEnabled attributes is as follows, enabled = true, authorizationEnabled = false, LDAP is used only for Authentication enabled = true, authorizationEnabled = true, LDAP is used for both authentication and authorization. enabled = false, authorizationEnabled = true, LDAP is not used. enabled = false, authorizationEnabled = false, LDAP is not used.

Charateristics

Format: free
SDK attribute: enabled

entityScope enum autogenerated   filterable   orderable  
Discussion

Specify if scope of entity is Data center or Enterprise level

Charateristics

Allowed values: ENTERPRISE, GLOBAL
Format: free
SDK attribute: entityScope

externalID string filterable   orderable   locally unique  
Discussion

External object ID. Used for integration with third party systems

Charateristics

Format: free
SDK attribute: externalID

groupDN string required  
Discussion

This attribute is a mandatory field for LDAP authorization. When LDAP is used for authorization for an enterprise, the group DN will be used to get the list of VSD specific groups in LDAP server for the enterprise. For example, OU=VSDGroups,DC=company,DC=com

Charateristics

Format: free
SDK attribute: groupDN

groupNamePrefix string
Discussion

If this is specified, Prefix+Pre-definedGroupName will be used to look for users.

Charateristics

Format: free
SDK attribute: groupNamePrefix

groupNameSuffix string
Discussion

If this is specified, Pre-definedGroupName+Suffix will be used to look for users.

Charateristics

Format: free
SDK attribute: groupNameSuffix

lastUpdatedBy string autogenerated  
Discussion

ID of the user who last updated the object.

Charateristics

Format: free
SDK attribute: lastUpdatedBy

password string
Discussion

This attribute is a mandatory field for LDAP authorization. Password that will be used to verify the integrity of groups and users in LDAP server for the enterprise.

Charateristics

Format: free
Min length: 1
Max length: 255
SDK attribute: password

port string required   filterable  
Discussion

Port to be used for the LDAP server

Charateristics

Format: free
SDK attribute: port

server string required   filterable   orderable  
Discussion

The LDAP server IP or FQDN

Charateristics

Format: free
SDK attribute: server

SSLEnabled boolean
Discussion

Enable SSL for communication with the LDAP server

Charateristics

Format: free
SDK attribute: SSLEnabled

userDNTemplate string
Discussion

The DN template to be used for authentication. The template needs to have a string _USERID_ in it. This will be replaced by the userId of the user who makes the REST API call. For example, template UID=_USERID_,OU=company,DC=com will converted to UID=admin,OU=company,DC=com and this will be used as DN for LDAP authentication.

Charateristics

Format: free
SDK attribute: userDNTemplate