Attributes

Common Attributes:

attribute

type

values

default

mandate

type

string

sql/ldap/custom

sql

true

name

string

 

 

true

loginNameFormat

ENUM

ACCOUNT_NAME
USER_PRINCIPAL_NAME
DOWN_LEVEL_LOGON_NAME

 

 

description

string

 

 

false

domains*

coll

 

 

false

dialPrefix

string

 

 

false

dialRemove

string

 

 

false
  • associated domains
    Attributes for LDAP:

    attribute

    type

    values

    default

    mandate

    directoryProvider

    string

    Active Directory
    OpenLDAP
    ...

     

     

    directoryURL

    string

     

     

    yes

    failOverURL

    string

     

     

     

    ldapServerConnections

    coll

     

     

     

    accessUserDN

    string

     

     

    yes

    accessPassword

    string

     

     

    yes

    authMethod

    string

     

    simple

     

     

     

     

     

     

    globalCatalog

    boolean

    true
    false

    false

     

    userGroupType

    string

    universal
    global
    local

    universal

     

    readOnly

    boolean

    true
    false

    true

     

    timeOut

    integer

     

    3

     

    rdn

    string

     

    cn

     

    externalUserEnabledState

    Boolean

    true
    false

    true

     

     

     

     

     

     

    userBaseDN

    string

     

     

    yes

    searchFilter

    string

     

     

     

    searchScope

    integer

    0 (object)
    1 (onelevel)
    2 (subtree)

    2 (subtree)

     

    distinguishedNameAttribute

    string

     

    distinguishedName

     

    groupNameAttribute

    string

     

    name

     

    groupSearchFilter

    string

     

    (objectClass=group)

     

    groupSearchScope

    integer

    0 (object)
    1 (onelevel)
    2 (subtree)

    2 (subtree)

     

    membershipAttribute

    string

     

    member

     

    memberOfAttribute

    string

     

    memberOf

     

    useMemberOfAttribute

    boolean

    true
    false

    true

     

     

     

     

     

     

    ouNameAttribute

    string

     

    name

     

    ouSearchFilter

    string

     

    (objectclass=organizationalUnit)

     

    ouSearchScope

    integer

    0 (object)
    1 (onelevel)
    2 (subtree)

    2 (subtree)

     

     

     

     

     

     


    /identitySource/create

    To create a new identity source. On success, the method always returns the internal object id of the newly created identity source
    Parameters:
    {
    "attrs":{list of attribute value pairs}
    }
    Response:
    {
    "error":0,
    "result":{"id":the id of the newly created object}
    }
    Note:
    When creating a LDAP identity source, you have to at least define the following attribute mapping:
    {"name":"UUID", "mapsTo":"..." }

    Examples:
    Method: /identitySource/create
    Parameters:
    {
    "attrs":
    {
    "type":"sql",
    "name":"internal administrators",
    "description":"An internal identity source"
    }
    }
    Response: {"error":0, "result":{"id":1}}
    -------------------------------------------------------------------
    Method: /identitySource/create
    Parameters:
    {
    "attrs":
    {
    "type":"ldap",
    "name":"ACME Active Diretory",
    "directoryProvider":"Active Directory",
    "directoryURL":"ldap://192.168.222.171", "accessUserDN":
    "CN=administrator,CN=users,DC=parkoffice,DC=com",
    "accessPassword":"deep&net1",
    "userBaseDN":"CN=users,DC=parkoffice,DC=com",
    "mappings":
    [
    {"name":"loginName", "mapsTo":"sAMAccountName"},
    {"name":"mobile", "mapsTo":"mobile"},
    {"name":"email", "mapsTo":"mail"},
    {"name":"UUID", "mapsTo":"ObjectGUID", "type":"BINARY"},
    {"name":"myattr1", "mapsTo":"myattr1", external:false},
    {"name":"myattr2", "mapsTo":"myattr2", external:false}
    ]
    }
    }
    Response: {"error":0, "result":{"id":2}}

    /identitySource/search

    /identitySource/get

    /identitySource/set

    /identitySource/delete



  • No labels