LDAPRealm
Description
An object that represents an OpenLDAP server and the attributes required to provide authentication services. Realms are used by Identity to get the user identity and group membership information used in access control rules, and by Remote access VPN to provide authentication services. (Note: The field level constraints listed here might not cover all the constraints on the field. Additional constraints might exist.)
Model Properties
Property | Required | Type | Description
---|---|---|---
version | False | string | A unique string version assigned by the system when the object is created or modified. No assumption can be made on the format or content of this identifier. The identifier must be provided whenever attempting to modify/delete an existing object. As the version will change every time the object is modified, the value provided in this identifier must match exactly what is present in the system or the request will be rejected.
name | True | string | A UTF string containing the name for the directory realm. The string can be up to 50 characters.
directoryConfigurations | False | [object] | A list of directory server properties.
enabled | False | boolean | A boolean value, TRUE or FALSE (the default). The TRUE value indicates the realm is available for use by Identity. FALSE indicates the realm is not in use by Identity. Once set to TRUE, it cannot be set to FALSE if the Identity feature is enabled.
systemDefined | False | boolean | A read-only boolean value, TRUE or FALSE (the default). The TRUE value indicates the realm is a special type of realm, created by the system. FALSE indicates the realm is user-defined.
realmId | False | integer | An integer realm ID to differentiate user-defined realms from the two special system-defined realms. The realm ID must be provided whenever attempting to modify an existing object.
dirUsername | True | string | A mandatory Unicode string containing the distinguished username for a user with appropriate rights to retrieve directory user and group information. Field level constraints: cannot be null, must match pattern ^((?!;).)*$. (Note: Additional constraints might exist)
dirPassword | True | string | A mandatory password for a user with appropriate rights to retrieve directory user and group information. Field level constraints: cannot be null. (Note: Additional constraints might exist)
baseDN | True | string | A mandatory Unicode string containing the directory tree, common parent, for searching and querying user and group information. For example, cn=users,dc=example,dc=com. Field level constraints: cannot be null, must match pattern ^((?!;).)*$. (Note: Additional constraints might exist)
ldapAttributeMap | False | object | Optional. The name of the LdapAttributeMap object used for authorization for the LDAP realm. If you do not specify a map name, no custom mappings are used for authorization. Allowed types are: [LdapAttributeMap]
id | False | string | A unique string identifier assigned by the system when the object is created. No assumption can be made on the format or content of this identifier. The identifier must be provided whenever attempting to modify/delete (or reference) an existing object. Field level constraints: must match pattern ^((?!;).)*$. (Note: Additional constraints might exist)
type | True | string | identitysourcebase
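
A client-side pre-check of an LDAPRealm request body against the constraints listed in the table, as an added example that is not part of this API reference or the product's code. The function name `validate_ldap_realm`, the `modifying` flag, and all sample values (including the `type` placeholder) are assumptions; as the page notes, the server may enforce additional constraints.

```python
import re

# Pattern copied from the page's field-level constraints: no ';' anywhere.
# Because '.' does not match newlines, fullmatch() also rejects line breaks.
NO_SEMICOLON = re.compile(r"^((?!;).)*$")

REQUIRED = ("name", "dirUsername", "dirPassword", "baseDN", "type")
PATTERN_FIELDS = ("dirUsername", "baseDN", "id")
# Per the page, these must accompany a request that modifies an existing object.
REQUIRED_ON_MODIFY = ("version", "id", "realmId")


def validate_ldap_realm(payload, modifying=False):
    """Return a list of constraint violations (empty list means none found)."""
    errors = []
    needed = REQUIRED + (REQUIRED_ON_MODIFY if modifying else ())
    for field in needed:
        if payload.get(field) is None:
            errors.append(f"{field}: required, cannot be null")
    name = payload.get("name")
    if isinstance(name, str) and len(name) > 50:
        errors.append("name: longer than 50 characters")
    for field in PATTERN_FIELDS:
        value = payload.get(field)
        if isinstance(value, str) and not NO_SEMICOLON.fullmatch(value):
            errors.append(f"{field}: must match ^((?!;).)*$")
    for field, kind in (("enabled", bool), ("systemDefined", bool), ("realmId", int)):
        value = payload.get(field)
        if value is not None and (not isinstance(value, kind)
                                  or (kind is int and isinstance(value, bool))):
            errors.append(f"{field}: expected {kind.__name__}")
    return errors


# Constructed sample payloads (all values are made up for illustration).
GOOD = {
    "name": "corp-ldap",
    "dirUsername": "cn=svc-ldap,dc=example,dc=com",
    "dirPassword": "placeholder-not-a-real-secret",
    "baseDN": "cn=users,dc=example,dc=com",
    "type": "placeholder-type",  # placeholder; use the value your API version expects
}
BAD = dict(GOOD, name="x" * 51, baseDN="cn=users;dc=example,dc=com", dirPassword=None)

if __name__ == "__main__":
    for label, body in (("good", GOOD), ("bad", BAD), ("good, modify", GOOD)):
        print(label, validate_ldap_realm(body, modifying=label.endswith("modify")))
```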