{ "id":"/axapi/v3/aam/authentication/server", "type":"object", "node-type":"scalar", "title":"server", "partition-visibility":"shared", "auto-created-object":1, "description":"Authentication server configuration", "properties":{ "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "ldap":{ "type":"object", "$ref":"/axapi/v3/aam/authentication/server/ldap", "properties":{ "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" }, "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/server/ldap/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify LDAP authentication server name", "optional":false }, "host":{ "type":"object", "properties":{ "hostip":{ "type":"string", "format":"host", "minLength":1, "maxLength":31, "partition-visibility":"shared", "not":"hostipv6", "description":"Server's hostname(Length 1-31) or IP address" }, "hostipv6":{ "type":"string", "format":"ipv6-address", "partition-visibility":"shared", "not":"hostip", "description":"Server's IPV6 address" } } }, "base":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify the LDAP server's search base", "optional":true }, "port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "default":389, "partition-visibility":"shared", "description":"Specify the LDAP server's authentication port, default is 389", "optional":true }, "port-hm":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"port-hm-disable", "description":"Check port's health status", "optional":true }, "port-hm-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"port-hm", "description":"Disable configured port health check configuration", "optional":true }, "pwdmaxage":{ "type":"number", "format":"number", "minimum":0, "maximum":4294967295, "default":0, "partition-visibility":"shared", "description":"Specify the LDAP server's default password expiration time (in seconds) (The LDAP server's default password expiration time (in seconds), default is 0 (no expiration))", "optional":true }, "admin-dn":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"The LDAP server's admin DN", "optional":true }, "admin-secret":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Specify the LDAP server's admin secret password", "optional":true }, "secret-string":{ "type":"string", "format":"password", "minLength":1, "maxLength":128, "partition-visibility":"shared", "description":"secret password", "optional":true }, "encrypted":{ "type":"encrypted", "format":"encrypted", "partition-visibility":"shared", "description":"Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)", "optional":true }, "timeout":{ "type":"number", "format":"number", "minimum":1, "maximum":255, "default":10, "partition-visibility":"shared", "description":"Specify timout for LDAP, default is 10 seconds (The timeout, default is 10 seconds)", "optional":true }, "dn-attribute":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":31, "default":"cn", "partition-visibility":"shared", "description":"Specify Distinguished Name attribute, default is CN", "optional":true }, "default-domain":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify default domain for LDAP", "optional":true }, "bind-with-dn":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enforce using DN for LDAP binding(All user input name will be used to create DN)", "optional":true }, "derive-bind-dn":{ "type":"object", "properties":{ "username-attr":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":31, "partition-visibility":"shared", "description":"Specify attribute name of username" } } }, "health-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check-disable", "description":"Check server's health status", "optional":true }, "health-check-string":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "description":"Health monitor name", "optional":true }, "health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check", "description":"Disable configured health check configuration", "optional":true }, "protocol":{ "type":"string", "format":"enum", "default":"ldap", "partition-visibility":"shared", "description":"'ldap': Use LDAP (default); 'ldaps': Use LDAP over SSL; 'starttls': Use LDAP StartTLS; ", "enum":[ "ldap", "ldaps", "starttls" ], "optional":true }, "ca-cert":{ "type":"string", "format":"string", "minLength":1, "maxLength":245, "partition-visibility":"shared", "description":"Specify the LDAPS CA cert filename (Trusted LDAPS CA cert filename)", "optional":true }, "ldaps-conn-reuse-idle-timeout":{ "type":"number", "format":"number", "minimum":0, "maximum":86400, "default":0, "partition-visibility":"shared", "description":"Specify LDAPS connection reuse idle timeout value (in seconds) (Specify idle timeout value (in seconds), default is 0 (not reuse LDAPS connection))", "optional":true }, "auth-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'ad': Active Directory. Default; 'open-ldap': OpenLDAP; ", "enum":[ "ad", "open-ldap" ], "optional":true }, "prompt-pw-change-before-exp":{ "type":"number", "format":"number", "minimum":1, "maximum":999, "partition-visibility":"shared", "description":"Prompt user to change password before expiration in N days. This option only takes effect when server type is AD (Prompt user to change password before expiration in N days, default is not to prompt the user)", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true } }, "required":[ "name" ] } ] } } }, "ocsp":{ "type":"object", "$ref":"/axapi/v3/aam/authentication/server/ocsp", "properties":{ "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" }, "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/server/ocsp/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify OCSP authentication server name", "optional":false }, "url":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":255, "partition-visibility":"shared", "description":"Specify the OCSP server's address (Format: http://host[:port]/) (The OCSP server's address(Format: http://host[:port]/))", "optional":true }, "responder-ca":{ "type":"string", "format":"string", "minLength":1, "maxLength":245, "partition-visibility":"shared", "description":"Specify the trusted OCSP responder's CA cert filename", "optional":true }, "responder-cert":{ "type":"string", "format":"string", "minLength":1, "maxLength":245, "partition-visibility":"shared", "description":"Specify the trusted OCSP responder's cert filename", "optional":true }, "health-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check-disable", "description":"Check server's health status", "optional":true }, "health-check-string":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "description":"Health monitor name", "optional":true }, "health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check", "description":"Disable configured health check configuration", "optional":true }, "port-health-check":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"port-health-check-disable", "description":"Check port's health status", "optional":true }, "port-health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"port-health-check", "description":"Disable configured port health check configuration", "optional":true }, "http-version":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Set HTTP version (default 1.0)", "optional":true }, "version-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'1.1': HTTP version 1.1; ", "enum":[ "1.1" ], "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true } }, "required":[ "name" ] } ] } } }, "radius":{ "type":"object", "$ref":"/axapi/v3/aam/authentication/server/radius", "properties":{ "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" }, "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/server/radius/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify RADIUS authentication server name", "optional":false }, "host":{ "type":"object", "properties":{ "hostip":{ "type":"string", "format":"host", "minLength":1, "maxLength":31, "partition-visibility":"shared", "not":"hostipv6", "description":"Server's hostname(Length 1-31) or IP address" }, "hostipv6":{ "type":"string", "format":"ipv6-address", "partition-visibility":"shared", "not":"hostip", "description":"Server's IPV6 address" } } }, "secret":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Specify the RADIUS server's secret", "optional":true }, "secret-string":{ "type":"string", "format":"password", "minLength":1, "maxLength":128, "partition-visibility":"shared", "description":"The RADIUS server's secret", "optional":true }, "encrypted":{ "type":"encrypted", "format":"encrypted", "partition-visibility":"shared", "description":"Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)", "optional":true }, "port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "default":1812, "partition-visibility":"shared", "description":"Specify the RADIUS server's authentication port, default is 1812", "optional":true }, "port-hm":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"port-hm-disable", "description":"Check port's health status", "optional":true }, "port-hm-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"port-hm", "description":"Disable configured port health check configuration", "optional":true }, "interval":{ "type":"number", "format":"number", "minimum":1, "maximum":1024, "default":3, "partition-visibility":"shared", "description":"Specify the interval time for resend the request (second), default is 3 seconds (The interval time(second), default is 3 seconds)", "optional":true }, "retry":{ "type":"number", "format":"number", "minimum":1, "maximum":32, "default":5, "partition-visibility":"shared", "description":"Specify the retry number for resend the request, default is 5 (The retry number, default is 5)", "optional":true }, "health-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check-disable", "description":"Check server's health status", "optional":true }, "health-check-string":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "description":"Health monitor name", "optional":true }, "health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check", "description":"Disable configured health check configuration", "optional":true }, "accounting-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "default":1813, "partition-visibility":"shared", "description":"Specify the RADIUS server's accounting port, default is 1813", "optional":true }, "acct-port-hm":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"acct-port-hm-disable", "description":"Specify accounting port health check method", "optional":true }, "acct-port-hm-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"acct-port-hm", "description":"Disable configured accounting port health check configuration", "optional":true }, "auth-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'pap': PAP authentication. Default; 'mschapv2': MS-CHAPv2 authentication; 'mschapv2-pap': Use MS-CHAPv2 first. If server doesn't support it, try PAP; ", "enum":[ "pap", "mschapv2", "mschapv2-pap" ], "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true } }, "required":[ "name" ] } ] } } }, "windows":{ "type":"object", "$ref":"/axapi/v3/aam/authentication/server/windows", "properties":{ "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" }, "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/server/windows/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify Windows authentication server name", "optional":false }, "host":{ "type":"object", "properties":{ "hostip":{ "type":"string", "format":"host", "minLength":1, "maxLength":31, "partition-visibility":"shared", "not":"hostipv6", "description":"Specify the Windows server's hostname(Length 1-31) or IP address" }, "hostipv6":{ "type":"string", "format":"ipv6-address", "partition-visibility":"shared", "not":"hostip", "description":"Specify the Windows server's IPV6 address" } } }, "timeout":{ "type":"number", "format":"number", "minimum":1, "maximum":255, "default":10, "partition-visibility":"shared", "description":"Specify connection timeout to server, default is 10 seconds", "optional":true }, "auth-protocol":{ "type":"object", "properties":{ "ntlm-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable NTLM authentication protocol" }, "ntlm-version":{ "type":"number", "format":"number", "minimum":1, "maximum":2, "default":2, "partition-visibility":"shared", "description":"Specify NTLM version, default is 2" }, "ntlm-health-check":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"ntlm-health-check-disable", "description":"Check NTLM port's health status" }, "ntlm-health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"ntlm-health-check", "description":"Disable configured NTLM port health check configuration" }, "kerberos-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable Kerberos authentication protocol" }, "kerberos-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "default":88, "partition-visibility":"shared", "description":"Specify the Kerberos port, default is 88" }, "kport-hm":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"kport-hm-disable", "description":"Check Kerberos port's health status" }, "kport-hm-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"kport-hm", "description":"Disable configured Kerberos port health check configuration" }, "kerberos-password-change-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "default":464, "partition-visibility":"shared", "description":"Specify the Kerbros password change port, default is 464" } } }, "realm":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify realm of Windows server", "optional":true }, "support-apacheds-kdc":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable weak cipher (DES CRC/MD5/MD4) and merge AS-REQ in single packet", "optional":true }, "health-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check-disable", "description":"Check server's health status", "optional":true }, "health-check-string":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "description":"Health monitor name", "optional":true }, "health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check", "description":"Disable configured health check configuration", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true } }, "required":[ "name" ] } ] } } } } }