The following table describes the key-values for changing the LDAP configuration via REST API:
Key-value | Description |
---|---|
"java.naming.factory.initial" | An optional key-value describing the initial context factory to be used, such as "com.sun.jndi.ldap.LdapCtxFactory". |
"com.sun.jndi.ldap.read.timeout" | The maximum amount of time in milliseconds for an LDAP request or a read timeout, e.g., "10000" |
"weight" | An optional LDAP weight value used to order the LDAP realm for authentication, such as "1", "2", "3". |
"enabled" | The key-value describing if the LDAP realm is enabled ("true") or disabled ("false"). |
"com.sun.jndi.ldap.connect.timeout" | The maximum amount of time in milliseconds for the LDAP provider to establish connection, e.g., "5000". If connection is not established within a timeout period, it is aborted. |
"searchbase" | The starting point of the search in the LDAP directory tree, such as "dc=example,dc=com". |
"query" | The LDAP search filter value for finding, retrieving, and importing users (used when "authen_dntype" : "query"). The value depends on the LDAP server, e.g., "(uid={0})" or "(&(cn={0})(objectClass=user))". |
"usergroup_query" | The LDAP search filter value for finding, retrieving, and importing user groups. The value depends on the LDAP server, e.g., "(cn={0})" or "(&(cn={0})(objectClass=group))". |
"authen_dntype" | The authentication type value. Use the "template" value when one-level search can be used to login. Use the "query" value when sub-level search can be used to login. |
"userDNTemplate" | The user template value used to search for users by a specific user path in one-level scope. The user name in the user path will be "{0}", e.g., "uid={0},dc=example,dc=com". |
"anoymousbind" | The anonymous binding allows to connect and search without logging in to the LDAP server. Normally, the value is "false". This value can be used only when the LDAP server allows it. |
"ldap_realm_name" | The name of the LDAP realm, such as "Apache LDAP" or "AD1". |
"java.naming.security.protocol" | The protocol for connecting to the LDAP server, such as "ssl" or "none". |
"key_cer_file_content" | The SSL key file content. If "java.naming.security.protocol" is "none", the value can be "". |
"protocol" | The LDAP protocol, e.g., "ldap". |
"port" | The LDAP port, e.g., "10389". |
"IP" | The server IP address, e.g., "127.0.0.1". |
"ID" | The ID of the LDAP realm. This value is generated from the Teamwork Cloud server. |
"authen" | The authentication type. Use the "simple" value for a clear-text password. Use the "sasl_mech" value for a space-separated list of the SASL mechanism names. You can use one of the SASL mechanisms, e.g., "CRAM-MD5" which means that the CRAM-MD5 SASL mechanism described in RFC 2195 will be used. |
"userName" | The user name used to log in to the LDAP server, such as "uid=admin,ou=system". |
"password" | The password used to log in to the LDAP server. |
"url" | The URL constructed from "IP", "port", and "protocol", e.g., "ldap://127.0.0.1:10389". |