upsertActiveDirectoryRealm
The upsertActiveDirectoryRealm operation handles configuration related to ActiveDirectoryRealm model.
Description
This API call is not allowed on the standby unit in an HA pair.
Data Parameters
| Parameter | Required | Type | Description | ||
|---|---|---|---|---|---|
| version | False | string | A unique string version assigned by the system when the object is created or modified. No assumption can be made on the format or content of this identifier. The identifier must be provided whenever attempting to modify/delete an existing object. As the version will change every time the object is modified, the value provided in this identifier must match exactly what is present in the system or the request will be rejected. | ||
| name | True | string | A UTF string containing the name for the directory realm. The string can be up to 50 characters. | ||
| directoryConfigurations | False | [object] | A list of directory server properties. | ||
| enabled | False | boolean | A boolean value, TRUE or FALSE (the default). The TRUE value indicates the realm is available for the use by Identity. FALSE indicates the realm is not in use by Identity. Once set to TRUE, it can not be set to FALSE only if Identity feature is enabled. | ||
| systemDefined | False | boolean | A read only boolean value, TRUE or FALSE (the default). The TRUE value indicates the realm is a special type of realm, created by system. FALSE indicates the realm is user-defined. | ||
| realmId | False | integer | An integer realm ID to differentiate user-defined realm from the two special system defined realms. This must be set to 2. | ||
| dirUsername | True | string | A mandatory Unicode string containing the distinguished username for a user with appropriate rights to retrieve directory user and group information. Field level constraints: cannot be null, must match pattern ^((?!;).)*$. (Note: Additional constraints might exist) |
||
| dirPassword | True | string | A mandatory password for a user with appropriate rights to retrieve directory user and group information. Field level constraints: cannot be null. (Note: Additional constraints might exist) |
||
| baseDN | True | string | A mandatory Unicode string containing the directory tree, common parent, for searching and querying user and group information. For example, cn=users,dc=example,dc=com Field level constraints: cannot be null, must match pattern ^((?!;).)*$. (Note: Additional constraints might exist) |
||
| adPrimaryDomain | True | string | A mandatory Unicode alphanumeric string containing fully qualified Active Directory domain name that the device should join. For example, example.com Field level constraints: cannot be null, must match pattern ^((?!;).)*$. (Note: Additional constraints might exist) |
||
| id | False | string | A unique string identifier assigned by the system when the object is created. No assumption can be made on the format or content of this identifier. The identifier must be provided whenever attempting to modify/delete (or reference) an existing object. Field level constraints: must match pattern ^((?!;).)*$. (Note: Additional constraints might exist) |
||
| type | True | string | identitysourcebase | ||
Query Parameters
| Parameter | Required | Type | Description | ||
|---|---|---|---|---|---|
| filter | False | string | The criteria used to filter the models you are requesting. It should have the following format: {key}{operator}{value}[;{key}{operator}{value}]. Supported operators are: "!"(not equals), ":"(equals), "~"(similar). Supported keys are: "name", "fts". The "fts" filter cannot be used with other filters. Default filtering for Upsert operation is done by name. | ||
Example
- name: Execute 'upsertActiveDirectoryRealm' operation
ftd_configuration:
operation: "upsertActiveDirectoryRealm"
data:
version: "{{ version }}"
name: "{{ name }}"
directoryConfigurations: "{{ directory_configurations }}"
enabled: "{{ enabled }}"
systemDefined: "{{ system_defined }}"
realmId: "{{ realm_id }}"
dirUsername: "{{ dir_username }}"
dirPassword: "{{ dir_password }}"
baseDN: "{{ base_dn }}"
adPrimaryDomain: "{{ ad_primary_domain }}"
id: "{{ id }}"
type: "{{ type }}"
query_params:
filter: "{{ filter }}"