The following table describes the key-values for changing LDAP configuration via REST API:
Key-value | Description |
---|---|
"java.naming.factory.initial" | An optional key-value describing the initial context factory to be used, such as "com.sun.jndi.ldap.LdapCtxFactory". |
"com.sun.jndi.ldap.read.timeout" | The maximum amount of time in milliseconds for an LDAP request or a read timeout, e.g., "10000" |
"weight" | An optional LDAP weight value used to order the LDAP realm for authentication, such as "1", "2", "3". |
"enabled" | The key-value describing if the LDAP realm is enabled ("true") or disabled ("false"). |
"com.sun.jndi.ldap.connect.timeout" | The maximum amount of time in milliseconds for the LDAP provider to establish connection, e.g., "5000". If connection is not established within a timeout period, it is aborted. |
"searchbase" | The starting point of the search in the LDAP directory tree, such as "dc=example,dc=com". |
"query" | The LDAP search filter value for finding, retrieving, and importing users (used when "authen_dntype" : "query"). The value depends on the LDAP server, e.g., "(uid={0})" or "(&(cn={0})(objectClass=user))". |
"usergroup_query" | The LDAP search filter value for finding, retrieving, and importing user groups. The value depends on the LDAP server, e.g., "(cn={0})" or "(&(cn={0})(objectClass=group))". |
"authen_dntype" | The authentication type value. Use the "template" value when one-level search can be used to login. Use the "query" value when sub-level search can be used to login. |
"userDNTemplate" | The user template value used to search for users by a specific user path in one-level scope. The user name in the user path will be "{0}", e.g., "uid={0},dc=example,dc=com". |