.. _aam_authentication_server: aam authentication server ========================= Authentication server configuration server Specification -------------------- ===================================== ================================================================== ===================================== ================================================================== **Type** *Configuration Resource* **Element Name** server **Element URI** /axapi/v3/aam/authentication/server **Element Attributes** server_attributes **Operational Data URI** /axapi/v3/aam/authentication/server/oper **Schema** :download:`server schema ` ===================================== ================================================================== **Operations Allowed:** .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html .. raw:: html
OperationMethodURIPayload
Create Object .. raw:: html POST .. raw:: html /axapi/v3/aam/authentication/server .. raw:: html :ref:`1218_server_attributes` .. raw:: html
Get Object .. raw:: html GET .. raw:: html /axapi/v3/aam/authentication/server .. raw:: html :ref:`1218_server_attributes` .. raw:: html
Modify Object .. raw:: html POST .. raw:: html /axapi/v3/aam/authentication/server .. raw:: html :ref:`1218_server_attributes` .. raw:: html
Replace Object .. raw:: html PUT .. raw:: html /axapi/v3/aam/authentication/server .. raw:: html :ref:`1218_server_attributes` .. raw:: html
Delete Object .. raw:: html DELETE .. raw:: html /axapi/v3/aam/authentication/server .. raw:: html :ref:`1218_server_attributes` .. raw:: html
.. _1218_server_attributes: server attributes ----------------- **ldap** **Description:** ldap is a **JSON Block**. Please see below for :ref:`1218_ldap` **Type:** Object **Refernce Object:** :doc:`/axapi/v3/aam/authentication/server/ldap ` **ocsp** **Description:** ocsp is a **JSON Block**. Please see below for :ref:`1218_ocsp` **Type:** Object **Refernce Object:** :doc:`/axapi/v3/aam/authentication/server/ocsp ` **radius** **Description:** radius is a **JSON Block**. Please see below for :ref:`1218_radius` **Type:** Object **Refernce Object:** :doc:`/axapi/v3/aam/authentication/server/radius ` **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters **windows** **Description:** windows is a **JSON Block**. Please see below for :ref:`1218_windows` **Type:** Object **Refernce Object:** :doc:`/axapi/v3/aam/authentication/server/windows ` .. _1218_windows: windows ^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **instance-list** **Type:** List **Refernce Object:** :doc:`/axapi/v3/aam/authentication/server/windows/instance/{name} ` **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1218_windows_instance-list: windows_instance-list ^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **auth-protocol** **Description:** auth-protocol is a **JSON Block**. Please see below for :ref:`1218_windows_instance-list_auth-protocol` **Type:** Object **health-check** **Description** Check server's health status **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** health-check and health-check-disable are mutually exclusive **health-check-disable** **Description** Disable configured health check configuration **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** health-check-disable and health-check are mutually exclusive **health-check-string** **Description** Health monitor name **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Refernce Object:** :doc:`/axapi/v3/health/monitor ` **host** **Description:** host is a **JSON Block**. Please see below for :ref:`1218_windows_instance-list_host` **Type:** Object **name** **Description** Specify Windows authentication server name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **realm** **Description** Specify realm of Windows server **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **support-apacheds-kdc** **Description** Enable weak cipher (DES CRC/MD5/MD4) and merge AS-REQ in single packet **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **timeout** **Description** Specify connection timeout to server, default is 10 seconds **Type:** number **Range:** 1-255 **Default:** 10 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1218_windows_instance-list_host: windows_instance-list_host ^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **hostip** **Description** Specify the Windows server's hostname(Length 1-31) or IP address **Type:** string **Format:** host **Maximum Length:** 31 characters **Maximum Length:** 1 characters **Mutual Exclusion:** hostip and hostipv6 are mutually exclusive **hostipv6** **Description** Specify the Windows server's IPV6 address **Type:** string **Format:** ipv6-address **Mutual Exclusion:** hostipv6 and hostip are mutually exclusive .. _1218_windows_instance-list_auth-protocol: windows_instance-list_auth-protocol ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **kerberos-disable** **Description** Disable Kerberos authentication protocol **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **kerberos-password-change-port** **Description** Specify the Kerbros password change port, default is 464 **Type:** number **Range:** 1-65534 **Default:** 464 **kerberos-port** **Description** Specify the Kerberos port, default is 88 **Type:** number **Range:** 1-65534 **Default:** 88 **kport-hm** **Description** Check Kerberos port's health status **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** kport-hm and kport-hm-disable are mutually exclusive **Refernce Object:** :doc:`/axapi/v3/health/monitor ` **kport-hm-disable** **Description** Disable configured Kerberos port health check configuration **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** kport-hm-disable and kport-hm are mutually exclusive **ntlm-disable** **Description** Disable NTLM authentication protocol **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **ntlm-health-check** **Description** Check NTLM port's health status **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** ntlm-health-check and ntlm-health-check-disable are mutually exclusive **Refernce Object:** :doc:`/axapi/v3/health/monitor ` **ntlm-health-check-disable** **Description** Disable configured NTLM port health check configuration **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** ntlm-health-check-disable and ntlm-health-check are mutually exclusive **ntlm-version** **Description** Specify NTLM version, default is 2 **Type:** number **Range:** 1-2 **Default:** 2 .. _1218_ocsp: ocsp ^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **instance-list** **Type:** List **Refernce Object:** :doc:`/axapi/v3/aam/authentication/server/ocsp/instance/{name} ` **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1218_ocsp_instance-list: ocsp_instance-list ^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **health-check** **Description** Check server's health status **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** health-check and health-check-disable are mutually exclusive **health-check-disable** **Description** Disable configured health check configuration **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** health-check-disable and health-check are mutually exclusive **health-check-string** **Description** Health monitor name **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Refernce Object:** :doc:`/axapi/v3/health/monitor ` **http-version** **Description** Set HTTP version (default 1.0) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **name** **Description** Specify OCSP authentication server name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **port-health-check** **Description** Check port's health status **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** port-health-check and port-health-check-disable are mutually exclusive **Refernce Object:** :doc:`/axapi/v3/health/monitor ` **port-health-check-disable** **Description** Disable configured port health check configuration **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** port-health-check-disable and port-health-check are mutually exclusive **responder-ca** **Description** Specify the trusted OCSP responder's CA cert filename **Type:** string **Maximum Length:** 245 characters **Maximum Length:** 1 characters **responder-cert** **Description** Specify the trusted OCSP responder's cert filename **Type:** string **Maximum Length:** 245 characters **Maximum Length:** 1 characters **url** **Description** Specify the OCSP server's address (Format: http://host[:port]/) (The OCSP server's address(Format: http://host[:port]/)) **Type:** string **Format:** string-rlx **Maximum Length:** 255 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters **version-type** **Description** '1.1': HTTP version 1.1; **Type:** string **Supported Values:** 1.1 .. _1218_radius: radius ^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **instance-list** **Type:** List **Refernce Object:** :doc:`/axapi/v3/aam/authentication/server/radius/instance/{name} ` **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1218_radius_instance-list: radius_instance-list ^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **accounting-port** **Description** Specify the RADIUS server's accounting port, default is 1813 **Type:** number **Range:** 1-65534 **Default:** 1813 **acct-port-hm** **Description** Specify accounting port health check method **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** acct-port-hm and acct-port-hm-disable are mutually exclusive **Refernce Object:** :doc:`/axapi/v3/health/monitor ` **acct-port-hm-disable** **Description** Disable configured accounting port health check configuration **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** acct-port-hm-disable and acct-port-hm are mutually exclusive **auth-type** **Description** 'pap': PAP authentication. Default; 'mschapv2': MS-CHAPv2 authentication; 'mschapv2-pap': Use MS-CHAPv2 first. If server doesn't support it, try PAP; **Type:** string **Supported Values:** pap, mschapv2, mschapv2-pap **encrypted** **Description** Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string) **health-check** **Description** Check server's health status **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** health-check and health-check-disable are mutually exclusive **health-check-disable** **Description** Disable configured health check configuration **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** health-check-disable and health-check are mutually exclusive **health-check-string** **Description** Health monitor name **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Refernce Object:** :doc:`/axapi/v3/health/monitor ` **host** **Description:** host is a **JSON Block**. Please see below for :ref:`1218_radius_instance-list_host` **Type:** Object **interval** **Description** Specify the interval time for resend the request (second), default is 3 seconds (The interval time(second), default is 3 seconds) **Type:** number **Range:** 1-1024 **Default:** 3 **name** **Description** Specify RADIUS authentication server name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **port** **Description** Specify the RADIUS server's authentication port, default is 1812 **Type:** number **Range:** 1-65534 **Default:** 1812 **port-hm** **Description** Check port's health status **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** port-hm and port-hm-disable are mutually exclusive **Refernce Object:** :doc:`/axapi/v3/health/monitor ` **port-hm-disable** **Description** Disable configured port health check configuration **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** port-hm-disable and port-hm are mutually exclusive **retry** **Description** Specify the retry number for resend the request, default is 5 (The retry number, default is 5) **Type:** number **Range:** 1-32 **Default:** 5 **secret** **Description** Specify the RADIUS server's secret **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **secret-string** **Description** The RADIUS server's secret **Type:** string **Format:** password **Maximum Length:** 128 characters **Maximum Length:** 1 characters **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1218_radius_instance-list_host: radius_instance-list_host ^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **hostip** **Description** Server's hostname(Length 1-31) or IP address **Type:** string **Format:** host **Maximum Length:** 31 characters **Maximum Length:** 1 characters **Mutual Exclusion:** hostip and hostipv6 are mutually exclusive **hostipv6** **Description** Server's IPV6 address **Type:** string **Format:** ipv6-address **Mutual Exclusion:** hostipv6 and hostip are mutually exclusive .. _1218_ldap: ldap ^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **instance-list** **Type:** List **Refernce Object:** :doc:`/axapi/v3/aam/authentication/server/ldap/instance/{name} ` **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1218_ldap_instance-list: ldap_instance-list ^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *list* **Block object keys** =============================== =================================================== **admin-dn** **Description** The LDAP server's admin DN **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **admin-secret** **Description** Specify the LDAP server's admin secret password **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **auth-type** **Description** 'ad': Active Directory. Default; 'open-ldap': OpenLDAP; **Type:** string **Supported Values:** ad, open-ldap **base** **Description** Specify the LDAP server's search base **Type:** string **Format:** string-rlx **Maximum Length:** 127 characters **Maximum Length:** 1 characters **bind-with-dn** **Description** Enforce using DN for LDAP binding(All user input name will be used to create DN) **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **ca-cert** **Description** Specify the LDAPS CA cert filename (Trusted LDAPS CA cert filename) **Type:** string **Maximum Length:** 245 characters **Maximum Length:** 1 characters **default-domain** **Description** Specify default domain for LDAP **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **derive-bind-dn** **Description:** derive-bind-dn is a **JSON Block**. Please see below for :ref:`1218_ldap_instance-list_derive-bind-dn` **Type:** Object **dn-attribute** **Description** Specify Distinguished Name attribute, default is CN **Type:** string **Format:** string-rlx **Maximum Length:** 31 characters **Maximum Length:** 1 characters **Default:** cn **encrypted** **Description** Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string) **health-check** **Description** Check server's health status **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** health-check and health-check-disable are mutually exclusive **health-check-disable** **Description** Disable configured health check configuration **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** health-check-disable and health-check are mutually exclusive **health-check-string** **Description** Health monitor name **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Refernce Object:** :doc:`/axapi/v3/health/monitor ` **host** **Description:** host is a **JSON Block**. Please see below for :ref:`1218_ldap_instance-list_host` **Type:** Object **ldaps-conn-reuse-idle-timeout** **Description** Specify LDAPS connection reuse idle timeout value (in seconds) (Specify idle timeout value (in seconds), default is 0 (not reuse LDAPS connection)) **Type:** number **Range:** 0-86400 **Default:** 0 **name** **Description** Specify LDAP authentication server name **Type:** string **Format:** string-rlx **Maximum Length:** 63 characters **Maximum Length:** 1 characters **port** **Description** Specify the LDAP server's authentication port, default is 389 **Type:** number **Range:** 1-65534 **Default:** 389 **port-hm** **Description** Check port's health status **Type:** string **Maximum Length:** 63 characters **Maximum Length:** 1 characters **Mutual Exclusion:** port-hm and port-hm-disable are mutually exclusive **Refernce Object:** :doc:`/axapi/v3/health/monitor ` **port-hm-disable** **Description** Disable configured port health check configuration **Type:** boolean **Supported Values:** true, false, 1, 0 **Default:** 0 **Mutual Exclusion:** port-hm-disable and port-hm are mutually exclusive **prompt-pw-change-before-exp** **Description** Prompt user to change password before expiration in N days. This option only takes effect when server type is AD (Prompt user to change password before expiration in N days, default is not to prompt the user) **Type:** number **Range:** 1-999 **protocol** **Description** 'ldap': Use LDAP (default); 'ldaps': Use LDAP over SSL; 'starttls': Use LDAP StartTLS; **Type:** string **Supported Values:** ldap, ldaps, starttls **Default:** ldap **pwdmaxage** **Description** Specify the LDAP server's default password expiration time (in seconds) (The LDAP server's default password expiration time (in seconds), default is 0 (no expiration)) **Type:** number **Range:** 0-4294967295 **Default:** 0 **secret-string** **Description** secret password **Type:** string **Format:** password **Maximum Length:** 128 characters **Maximum Length:** 1 characters **timeout** **Description** Specify timout for LDAP, default is 10 seconds (The timeout, default is 10 seconds) **Type:** number **Range:** 1-255 **Default:** 10 **uuid** **Description** uuid of the object **Type:** string **Maximum Length:** 64 characters **Maximum Length:** 1 characters .. _1218_ldap_instance-list_derive-bind-dn: ldap_instance-list_derive-bind-dn ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **username-attr** **Description** Specify attribute name of username **Type:** string **Format:** string-rlx **Maximum Length:** 31 characters **Maximum Length:** 1 characters .. _1218_ldap_instance-list_host: ldap_instance-list_host ^^^^^^^^^^^^^^^^^^^^^^^ =============================== =================================================== **Specification** =============================== =================================================== **Type** *object* =============================== =================================================== **hostip** **Description** Server's hostname(Length 1-31) or IP address **Type:** string **Format:** host **Maximum Length:** 31 characters **Maximum Length:** 1 characters **Mutual Exclusion:** hostip and hostipv6 are mutually exclusive **hostipv6** **Description** Server's IPV6 address **Type:** string **Format:** ipv6-address **Mutual Exclusion:** hostipv6 and hostip are mutually exclusive .. _1218_oper_data: operational data ---------------- .. list-table:: :widths: 10 20 30 80 :header-rows: 2 :stub-columns: 1 * - - Counter - Size - Description * - - - - * - - rserver-count - number - rserver-count * - - name - string - name * - - get-count - string - get-count * - - part-id - number - part-id * - - rport-count - number - rport-count * - - rserver-list - - rserver-list