{ "id":"/axapi/v3/aam/authentication/server/ldap", "type":"object", "node-type":"scalar", "title":"ldap", "partition-visibility":"shared", "auto-created-object":1, "description":"LDAP Authentication Server", "properties":{ "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'admin-bind-success': Total Admin Bind Success; 'admin-bind-failure': Total Admin Bind Failure; 'bind-success': Total User Bind Success; 'bind-failure': Total User Bind Failure; 'search-success': Total Search Success; 'search-failure': Total Search Failure; 'authorize-success': Total Authorization Success; 'authorize-failure': Total Authorization Failure; 'timeout-error': Total Timeout; 'other-error': Total Other Error; 'request': Total Request; 'request-normal': Total Normal Request; 'request-dropped': Total Dropped Request; 'response-success': Total Success Response; 'response-failure': Total Failure Response; 'response-error': Total Error Response; 'response-timeout': Total Timeout Response; 'response-other': Total Other Response; 'job-start-error': Total Job Start Error; 'polling-control-error': Total Polling Control Error; 'ssl-session-created': TLS/SSL Session Created; 'ssl-session-failure': TLS/SSL Session Failure; 'ldaps-idle-conn-num': LDAPS Idle Connection Number; 'ldaps-inuse-conn-num': LDAPS In-use Connection Number; 'pw-expiry': Total Password expiry; 'pw-change-success': Total password change success; 'pw-change-failure': Total password change failure; ", "enum":[ "all", "admin-bind-success", "admin-bind-failure", "bind-success", "bind-failure", "search-success", "search-failure", "authorize-success", 
"authorize-failure", "timeout-error", "other-error", "request", "request-normal", "request-dropped", "response-success", "response-failure", "response-error", "response-timeout", "response-other", "job-start-error", "polling-control-error", "ssl-session-created", "ssl-session-failure", "ldaps-idle-conn-num", "ldaps-inuse-conn-num", "pw-expiry", "pw-change-success", "pw-change-failure" ] } } } ] }, "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/server/ldap/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify LDAP authentication server name", "optional":false }, "host":{ "type":"object", "properties":{ "hostip":{ "type":"string", "format":"host", "minLength":1, "maxLength":31, "partition-visibility":"shared", "not":"hostipv6", "description":"Server's hostname(Length 1-31) or IP address" }, "hostipv6":{ "type":"string", "format":"ipv6-address", "partition-visibility":"shared", "not":"hostip", "description":"Server's IPV6 address" } } }, "base":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify the LDAP server's search base", "optional":true }, "port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "default":389, "partition-visibility":"shared", "description":"Specify the LDAP server's authentication port, default is 389", "optional":true }, "port-hm":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"port-hm-disable", "description":"Check port's health status", "optional":true }, "port-hm-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"port-hm", "description":"Disable configured port health check configuration", 
"optional":true }, "pwdmaxage":{ "type":"number", "format":"number", "minimum":0, "maximum":4294967295, "default":0, "partition-visibility":"shared", "description":"Specify the LDAP server's default password expiration time (in seconds) (The LDAP server's default password expiration time (in seconds), default is 0 (no expiration))", "optional":true }, "admin-dn":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"The LDAP server's admin DN", "optional":true }, "admin-secret":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Specify the LDAP server's admin secret password", "optional":true }, "secret-string":{ "type":"string", "format":"password", "minLength":1, "maxLength":128, "partition-visibility":"shared", "description":"secret password", "optional":true }, "encrypted":{ "type":"encrypted", "format":"encrypted", "partition-visibility":"shared", "description":"Do NOT use this option manually. (This is an A10 reserved keyword.) 
(The ENCRYPTED secret string)", "optional":true }, "timeout":{ "type":"number", "format":"number", "minimum":1, "maximum":255, "default":10, "partition-visibility":"shared", "description":"Specify timeout for LDAP, default is 10 seconds (The timeout, default is 10 seconds)", "optional":true }, "dn-attribute":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":31, "default":"cn", "partition-visibility":"shared", "description":"Specify Distinguished Name attribute, default is CN", "optional":true }, "default-domain":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify default domain for LDAP", "optional":true }, "bind-with-dn":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enforce using DN for LDAP binding (All user input name will be used to create DN)", "optional":true }, "derive-bind-dn":{ "type":"object", "properties":{ "username-attr":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":31, "partition-visibility":"shared", "description":"Specify attribute name of username" } } }, "health-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check-disable", "description":"Check server's health status", "optional":true }, "health-check-string":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "description":"Health monitor name", "optional":true }, "health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check", "description":"Disable configured health check configuration", "optional":true }, "protocol":{ "type":"string", "format":"enum", "default":"ldap", "partition-visibility":"shared", "description":"'ldap': Use LDAP (default); 'ldaps': Use LDAP over SSL; 'starttls': Use LDAP StartTLS; ", "enum":[ "ldap", "ldaps", 
"starttls" ], "optional":true }, "ca-cert":{ "type":"string", "format":"string", "minLength":1, "maxLength":245, "partition-visibility":"shared", "description":"Specify the LDAPS CA cert filename (Trusted LDAPS CA cert filename)", "optional":true }, "ldaps-conn-reuse-idle-timeout":{ "type":"number", "format":"number", "minimum":0, "maximum":86400, "default":0, "partition-visibility":"shared", "description":"Specify LDAPS connection reuse idle timeout value (in seconds) (Specify idle timeout value (in seconds), default is 0 (not reuse LDAPS connection))", "optional":true }, "auth-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'ad': Active Directory. Default; 'open-ldap': OpenLDAP; ", "enum":[ "ad", "open-ldap" ], "optional":true }, "prompt-pw-change-before-exp":{ "type":"number", "format":"number", "minimum":1, "maximum":999, "partition-visibility":"shared", "description":"Prompt user to change password before expiration in N days. This option only takes effect when server type is AD (Prompt user to change password before expiration in N days, default is not to prompt the user)", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'admin-bind-success': Admin Bind Success; 'admin-bind-failure': Admin Bind Failure; 'bind-success': User Bind Success; 'bind-failure': User Bind Failure; 'search-success': Search Success; 'search-failure': Search Failure; 'authorize-success': Authorization Success; 'authorize-failure': Authorization Failure; 'timeout-error': Timeout; 'other-error': Other Error; 'request': Request; 'ssl-session-created': TLS/SSL 
Session Created; 'ssl-session-failure': TLS/SSL Session Failure; 'pw_expiry': Password expiry; 'pw_change_success': Password change success; 'pw_change_failure': Password change failure; ", "enum":[ "all", "admin-bind-success", "admin-bind-failure", "bind-success", "bind-failure", "search-success", "search-failure", "authorize-success", "authorize-failure", "timeout-error", "other-error", "request", "ssl-session-created", "ssl-session-failure", "pw_expiry", "pw_change_success", "pw_change_failure" ] } } } ] }, "packet-capture-template":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "$ref":"/axapi/v3/visibility/packet-capture/object-templates/aam-auth-server-ldap-inst-tmpl", "description":"Name of the packet capture template to be bound to this object", "optional":true } }, "required":[ "name" ] } ] } } }