{ "id":"/axapi/v3/aam/authentication/server", "type":"object", "node-type":"scalar", "title":"server", "partition-visibility":"shared", "auto-created-object":1, "description":"Authentication server configuration", "properties":{ "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "ldap":{ "type":"object", "$ref":"/axapi/v3/aam/authentication/server/ldap", "properties":{ "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'admin-bind-success': Total Admin Bind Success; 'admin-bind-failure': Total Admin Bind Failure; 'bind-success': Total User Bind Success; 'bind-failure': Total User Bind Failure; 'search-success': Total Search Success; 'search-failure': Total Search Failure; 'authorize-success': Total Authorization Success; 'authorize-failure': Total Authorization Failure; 'timeout-error': Total Timeout; 'other-error': Total Other Error; 'request': Total Request; 'request-normal': Total Normal Request; 'request-dropped': Total Dropped Request; 'response-success': Total Success Response; 'response-failure': Total Failure Response; 'response-error': Total Error Response; 'response-timeout': Total Timeout Response; 'response-other': Total Other Response; 'job-start-error': Total Job Start Error; 'polling-control-error': Total Polling Control Error; 'ssl-session-created': TLS/SSL Session Created; 'ssl-session-failure': TLS/SSL Session Failure; 'ldaps-idle-conn-num': LDAPS Idle Connection Number; 'ldaps-inuse-conn-num': LDAPS In-use Connection Number; 'pw-expiry': Total Password expiry; 'pw-change-success': Total password change success; 'pw-change-failure': Total password change failure; ", "enum":[ "all", "admin-bind-success", "admin-bind-failure", "bind-success", "bind-failure", "search-success", "search-failure", "authorize-success", "authorize-failure", "timeout-error", "other-error", "request", "request-normal", "request-dropped", "response-success", "response-failure", "response-error", "response-timeout", "response-other", "job-start-error", "polling-control-error", "ssl-session-created", "ssl-session-failure", "ldaps-idle-conn-num", "ldaps-inuse-conn-num", "pw-expiry", "pw-change-success", "pw-change-failure" ] } } } ] }, "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/server/ldap/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify LDAP authentication server name", "optional":false }, "host":{ "type":"object", "properties":{ "hostip":{ "type":"string", "format":"host", "minLength":1, "maxLength":31, "partition-visibility":"shared", "not":"hostipv6", "description":"Server's hostname(Length 1-31) or IP address" }, "hostipv6":{ "type":"string", "format":"ipv6-address", "partition-visibility":"shared", "not":"hostip", "description":"Server's IPV6 address" } } }, "base":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify the LDAP server's search base", "optional":true }, "port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "default":389, "partition-visibility":"shared", "description":"Specify the LDAP server's authentication port, default is 389", "optional":true }, "port-hm":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"port-hm-disable", "description":"Check port's health status", "optional":true }, "port-hm-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"port-hm", "description":"Disable configured port health check configuration", "optional":true }, "pwdmaxage":{ "type":"number", "format":"number", "minimum":0, "maximum":4294967295, "default":0, "partition-visibility":"shared", "description":"Specify the LDAP server's default password expiration time (in seconds) (The LDAP server's default password expiration time (in seconds), default is 0 (no expiration))", "optional":true }, "admin-dn":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"The LDAP server's admin DN", "optional":true }, "admin-secret":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Specify the LDAP server's admin secret password", "optional":true }, "secret-string":{ "type":"string", "format":"password", "minLength":1, "maxLength":128, "partition-visibility":"shared", "description":"secret password", "optional":true }, "encrypted":{ "type":"encrypted", "format":"encrypted", "partition-visibility":"shared", "description":"Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)", "optional":true }, "timeout":{ "type":"number", "format":"number", "minimum":1, "maximum":255, "default":10, "partition-visibility":"shared", "description":"Specify timout for LDAP, default is 10 seconds (The timeout, default is 10 seconds)", "optional":true }, "dn-attribute":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":31, "default":"cn", "partition-visibility":"shared", "description":"Specify Distinguished Name attribute, default is CN", "optional":true }, "default-domain":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify default domain for LDAP", "optional":true }, "bind-with-dn":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enforce using DN for LDAP binding(All user input name will be used to create DN)", "optional":true }, "derive-bind-dn":{ "type":"object", "properties":{ "username-attr":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":31, "partition-visibility":"shared", "description":"Specify attribute name of username" } } }, "health-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check-disable", "description":"Check server's health status", "optional":true }, "health-check-string":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "description":"Health monitor name", "optional":true }, "health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check", "description":"Disable configured health check configuration", "optional":true }, "protocol":{ "type":"string", "format":"enum", "default":"ldap", "partition-visibility":"shared", "description":"'ldap': Use LDAP (default); 'ldaps': Use LDAP over SSL; 'starttls': Use LDAP StartTLS; ", "enum":[ "ldap", "ldaps", "starttls" ], "optional":true }, "ca-cert":{ "type":"string", "format":"string", "minLength":1, "maxLength":245, "partition-visibility":"shared", "description":"Specify the LDAPS CA cert filename (Trusted LDAPS CA cert filename)", "optional":true }, "ldaps-conn-reuse-idle-timeout":{ "type":"number", "format":"number", "minimum":0, "maximum":86400, "default":0, "partition-visibility":"shared", "description":"Specify LDAPS connection reuse idle timeout value (in seconds) (Specify idle timeout value (in seconds), default is 0 (not reuse LDAPS connection))", "optional":true }, "auth-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'ad': Active Directory. Default; 'open-ldap': OpenLDAP; ", "enum":[ "ad", "open-ldap" ], "optional":true }, "prompt-pw-change-before-exp":{ "type":"number", "format":"number", "minimum":1, "maximum":999, "partition-visibility":"shared", "description":"Prompt user to change password before expiration in N days. This option only takes effect when server type is AD (Prompt user to change password before expiration in N days, default is not to prompt the user)", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'admin-bind-success': Admin Bind Success; 'admin-bind-failure': Admin Bind Failure; 'bind-success': User Bind Success; 'bind-failure': User Bind Failure; 'search-success': Search Success; 'search-failure': Search Failure; 'authorize-success': Authorization Success; 'authorize-failure': Authorization Failure; 'timeout-error': Timeout; 'other-error': Other Error; 'request': Request; 'ssl-session-created': TLS/SSL Session Created; 'ssl-session-failure': TLS/SSL Session Failure; 'pw_expiry': Password expiry; 'pw_change_success': Password change success; 'pw_change_failure': Password change failure; ", "enum":[ "all", "admin-bind-success", "admin-bind-failure", "bind-success", "bind-failure", "search-success", "search-failure", "authorize-success", "authorize-failure", "timeout-error", "other-error", "request", "ssl-session-created", "ssl-session-failure", "pw_expiry", "pw_change_success", "pw_change_failure" ] } } } ] }, "packet-capture-template":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "$ref":"/axapi/v3/visibility/packet-capture/object-templates/aam-auth-server-ldap-inst-tmpl", "description":"Name of the packet capture template to be bind with this object", "optional":true } }, "required":[ "name" ] } ] } } }, "ocsp":{ "type":"object", "$ref":"/axapi/v3/aam/authentication/server/ocsp", "properties":{ "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'stapling-certificate-good': Total OCSP Stapling Good Certificate Response; 'stapling-certificate-revoked': Total OCSP Stapling Revoked Certificate Response; 'stapling-certificate-unknown': Total OCSP Stapling Unknown Certificate Response; 'stapling-request-normal': Total OSCP Stapling Normal Request; 'stapling-request-dropped': Total OCSP Stapling Dropped Request; 'stapling-response-success': Total OCSP Stapling Success Response; 'stapling-response-failure': Total OCSP Stapling Failure Response; 'stapling-response-error': Total OCSP Stapling Error Response; 'stapling-response-timeout': Total OCSP Stapling Timeout Response; 'stapling-response-other': Total OCSP Stapling Other Response; 'request-normal': Total OSCP Normal Request; 'request-dropped': Total OCSP Dropped Request; 'response-success': Total OCSP Success Response; 'response-failure': Total OCSP Failure Response; 'response-error': Total OCSP Error Response; 'response-timeout': Total OCSP Timeout Response; 'response-other': Total OCSP Other Response; 'job-start-error': Total OCSP Job Start Error; 'polling-control-error': Total OCSP Polling Control Error; ", "enum":[ "all", "stapling-certificate-good", "stapling-certificate-revoked", "stapling-certificate-unknown", "stapling-request-normal", "stapling-request-dropped", "stapling-response-success", "stapling-response-failure", "stapling-response-error", "stapling-response-timeout", "stapling-response-other", "request-normal", "request-dropped", "response-success", "response-failure", "response-error", "response-timeout", "response-other", "job-start-error", "polling-control-error" ] } } } ] }, "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/server/ocsp/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify OCSP authentication server name", "optional":false }, "url":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":255, "partition-visibility":"shared", "description":"Specify the OCSP server's address (Format: http://host[:port]/) (The OCSP server's address(Format: http://host[:port]/))", "optional":true }, "responder-ca":{ "type":"string", "format":"string", "minLength":1, "maxLength":245, "partition-visibility":"shared", "description":"Specify the trusted OCSP responder's CA cert filename", "optional":true }, "responder-cert":{ "type":"string", "format":"string", "minLength":1, "maxLength":245, "partition-visibility":"shared", "description":"Specify the trusted OCSP responder's cert filename", "optional":true }, "health-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check-disable", "description":"Check server's health status", "optional":true }, "health-check-string":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "description":"Health monitor name", "optional":true }, "health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check", "description":"Disable configured health check configuration", "optional":true }, "port-health-check":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"port-health-check-disable", "description":"Check port's health status", "optional":true }, "port-health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"port-health-check", "description":"Disable configured port health check configuration", "optional":true }, "http-version":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Set HTTP version (default 1.0)", "optional":true }, "version-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'1.1': HTTP version 1.1; ", "enum":[ "1.1" ], "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'request': Request; 'certificate-good': Good Certificate Response; 'certificate-revoked': Revoked Certificate Response; 'certificate-unknown': Unknown Certificate Response; 'timeout': Timeout; 'fail': Handle OCSP response failed; 'stapling-request': OCSP Stapling Request Send; 'stapling-certificate-good': OCSP Stapling Good Certificate Response; 'stapling-certificate-revoked': OCSP Stapling Revoked Certificate Response; 'stapling-certificate-unknown': OCSP Stapling Unknown Certificate Response; 'stapling-timeout': OCSP Stapling Timeout; 'stapling-fail': Handle OCSP response failed; ", "enum":[ "all", "request", "certificate-good", "certificate-revoked", "certificate-unknown", "timeout", "fail", "stapling-request", "stapling-certificate-good", "stapling-certificate-revoked", "stapling-certificate-unknown", "stapling-timeout", "stapling-fail" ] } } } ] }, "packet-capture-template":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "$ref":"/axapi/v3/visibility/packet-capture/object-templates/aam-auth-server-ocsp-inst-tmpl", "description":"Name of the packet capture template to be bind with this object", "optional":true } }, "required":[ "name" ] } ] } } }, "radius":{ "type":"object", "$ref":"/axapi/v3/aam/authentication/server/radius", "properties":{ "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'authen_success': Total Authentication Success; 'authen_failure': Total Authentication Failure; 'authorize_success': Total Authorization Success; 'authorize_failure': Total Authorization Failure; 'access_challenge': Total Access-Challenge Message Receive; 'timeout_error': Total Timeout; 'other_error': Total Other Error; 'request': Total Request; 'request-normal': Total Normal Request; 'request-dropped': Total Dropped Request; 'response-success': Total Success Response; 'response-failure': Total Failure Response; 'response-error': Total Error Response; 'response-timeout': Total Timeout Response; 'response-other': Total Other Response; 'job-start-error': Total Job Start Error; 'polling-control-error': Total Polling Control Error; 'accounting-request-sent': Accounting-Request Sent; 'accounting-success': Accounting Success; 'accounting-failure': Accounting Failure; ", "enum":[ "all", "authen_success", "authen_failure", "authorize_success", "authorize_failure", "access_challenge", "timeout_error", "other_error", "request", "request-normal", "request-dropped", "response-success", "response-failure", "response-error", "response-timeout", "response-other", "job-start-error", "polling-control-error", "accounting-request-sent", "accounting-success", "accounting-failure" ] } } } ] }, "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/server/radius/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify RADIUS authentication server name", "optional":false }, "host":{ "type":"object", "properties":{ "hostip":{ "type":"string", "format":"host", "minLength":1, "maxLength":31, "partition-visibility":"shared", "not":"hostipv6", "description":"Server's hostname(Length 1-31) or IP address" }, "hostipv6":{ "type":"string", "format":"ipv6-address", "partition-visibility":"shared", "not":"hostip", "description":"Server's IPV6 address" } } }, "secret":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Specify the RADIUS server's secret", "optional":true }, "secret-string":{ "type":"string", "format":"password", "minLength":1, "maxLength":128, "partition-visibility":"shared", "description":"The RADIUS server's secret", "optional":true }, "encrypted":{ "type":"encrypted", "format":"encrypted", "partition-visibility":"shared", "description":"Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)", "optional":true }, "port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "default":1812, "partition-visibility":"shared", "description":"Specify the RADIUS server's authentication port, default is 1812", "optional":true }, "port-hm":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"port-hm-disable", "description":"Check port's health status", "optional":true }, "port-hm-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"port-hm", "description":"Disable configured port health check configuration", "optional":true }, "interval":{ "type":"number", "format":"number", "minimum":1, "maximum":1024, "default":3, "partition-visibility":"shared", "description":"Specify the interval time for resend the request (second), default is 3 seconds (The interval time(second), default is 3 seconds)", "optional":true }, "retry":{ "type":"number", "format":"number", "minimum":1, "maximum":32, "default":5, "partition-visibility":"shared", "description":"Specify the retry number for resend the request, default is 5 (The retry number, default is 5)", "optional":true }, "health-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check-disable", "description":"Check server's health status", "optional":true }, "health-check-string":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "description":"Health monitor name", "optional":true }, "health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check", "description":"Disable configured health check configuration", "optional":true }, "accounting-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "default":1813, "partition-visibility":"shared", "description":"Specify the RADIUS server's accounting port, default is 1813", "optional":true }, "acct-port-hm":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"acct-port-hm-disable", "description":"Specify accounting port health check method", "optional":true }, "acct-port-hm-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"acct-port-hm", "description":"Disable configured accounting port health check configuration", "optional":true }, "auth-type":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'pap': PAP authentication. Default; 'mschapv2': MS-CHAPv2 authentication; 'mschapv2-pap': Use MS-CHAPv2 first. If server doesn't support it, try PAP; ", "enum":[ "pap", "mschapv2", "mschapv2-pap" ], "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'authen_success': Authentication Success; 'authen_failure': Authentication Failure; 'authorize_success': Authorization Success; 'authorize_failure': Authorization Failure; 'access_challenge': Access-Challenge Message Receive; 'timeout_error': Timeout; 'other_error': Other Error; 'request': Request; 'accounting-request-sent': Accounting-Request Sent; 'accounting-success': Accounting Success; 'accounting-failure': Accounting Failure; ", "enum":[ "all", "authen_success", "authen_failure", "authorize_success", "authorize_failure", "access_challenge", "timeout_error", "other_error", "request", "accounting-request-sent", "accounting-success", "accounting-failure" ] } } } ] }, "packet-capture-template":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "$ref":"/axapi/v3/visibility/packet-capture/object-templates/aam-auth-server-rad-inst-tmpl", "description":"Name of the packet capture template to be bind with this object", "optional":true } }, "required":[ "name" ] } ] } } }, "windows":{ "type":"object", "$ref":"/axapi/v3/aam/authentication/server/windows", "properties":{ "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object" }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'kerberos-request-send': Total Kerberos Request; 'kerberos-response-get': Total Kerberos Response; 'kerberos-timeout-error': Total Kerberos Timeout; 'kerberos-other-error': Total Kerberos Other Error; 'ntlm-authentication-success': Total NTLM Authentication Success; 'ntlm-authentication-failure': Total NTLM Authentication Failure; 'ntlm-proto-negotiation-success': Total NTLM Protocol Negotiation Success; 'ntlm-proto-negotiation-failure': Total NTLM Protocol Negotiation Failure; 'ntlm-session-setup-success': Total NTLM Session Setup Success; 'ntlm-session-setup-failed': Total NTLM Session Setup Failure; 'kerberos-request-normal': Total Kerberos Normal Request; 'kerberos-request-dropped': Total Kerberos Dropped Request; 'kerberos-response-success': Total Kerberos Success Response; 'kerberos-response-failure': Total Kerberos Failure Response; 'kerberos-response-error': Total Kerberos Error Response; 'kerberos-response-timeout': Total Kerberos Timeout Response; 'kerberos-response-other': Total Kerberos Other Response; 'kerberos-job-start-error': Total Kerberos Job Start Error; 'kerberos-polling-control-error': Total Kerberos Polling Control Error; 'ntlm-prepare-req-success': Total NTLM Prepare Request Success; 'ntlm-prepare-req-failed': Total NTLM Prepare Request Failed; 'ntlm-timeout-error': Total NTLM Timeout; 'ntlm-other-error': Total NTLM Other Error; 'ntlm-request-normal': Total NTLM Normal Request; 'ntlm-request-dropped': Total NTLM Dropped Request; 'ntlm-response-success': Total NTLM Success Response; 'ntlm-response-failure': Total NTLM Failure Response; 'ntlm-response-error': Total NTLM Error Response; 'ntlm-response-timeout': Total NTLM Timeout Response; 'ntlm-response-other': Total NTLM Other Response; 'ntlm-job-start-error': Total NTLM Job Start Error; 'ntlm-polling-control-error': Total NTLM Polling Control Error; 'kerberos-pw-expiry': Total Kerberos password expiry; 'kerberos-pw-change-success': Total Kerberos password change success; 'kerberos-pw-change-failure': Total Kerberos password change failure; 'kerberos-validate-kdc-success': Total Kerberos KDC Validation Success; 'kerberos-validate-kdc-failure': Total Kerberos KDC Validation Failure; 'kerberos-generate-kdc-keytab-success': Total Kerberos KDC Keytab Generation Success; 'kerberos-generate-kdc-keytab-failure': Total Kerberos KDC Keytab Generation Failure; 'kerberos-delete-kdc-keytab-success': Total Kerberos KDC Keytab Deletion Success; 'kerberos-delete-kdc-keytab-failure': Total Kerberos KDC Keytab Deletion Failure; 'kerberos-kdc-keytab-count': Current Kerberos KDC Keytab Count; ", "enum":[ "all", "kerberos-request-send", "kerberos-response-get", "kerberos-timeout-error", "kerberos-other-error", "ntlm-authentication-success", "ntlm-authentication-failure", "ntlm-proto-negotiation-success", "ntlm-proto-negotiation-failure", "ntlm-session-setup-success", "ntlm-session-setup-failed", "kerberos-request-normal", "kerberos-request-dropped", "kerberos-response-success", "kerberos-response-failure", "kerberos-response-error", "kerberos-response-timeout", "kerberos-response-other", "kerberos-job-start-error", "kerberos-polling-control-error", "ntlm-prepare-req-success", "ntlm-prepare-req-failed", "ntlm-timeout-error", "ntlm-other-error", "ntlm-request-normal", "ntlm-request-dropped", "ntlm-response-success", "ntlm-response-failure", "ntlm-response-error", "ntlm-response-timeout", "ntlm-response-other", "ntlm-job-start-error", "ntlm-polling-control-error", "kerberos-pw-expiry", "kerberos-pw-change-success", "kerberos-pw-change-failure", "kerberos-validate-kdc-success", "kerberos-validate-kdc-failure", "kerberos-generate-kdc-keytab-success", "kerberos-generate-kdc-keytab-failure", "kerberos-delete-kdc-keytab-success", "kerberos-delete-kdc-keytab-failure", "kerberos-kdc-keytab-count" ] } } } ] }, "instance-list":{ "type":"array", "minItems":1, "items":{ "type":"instance" }, "uniqueItems":true, "$ref":"/axapi/v3/aam/authentication/server/windows/instance/{name}", "array":[ { "properties":{ "name":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify Windows authentication server name", "optional":false }, "host":{ "type":"object", "properties":{ "hostip":{ "type":"string", "format":"host", "minLength":1, "maxLength":31, "partition-visibility":"shared", "not":"hostipv6", "description":"Specify the Windows server's hostname(Length 1-31) or IP address" }, "hostipv6":{ "type":"string", "format":"ipv6-address", "partition-visibility":"shared", "not":"hostip", "description":"Specify the Windows server's IPV6 address" } } }, "timeout":{ "type":"number", "format":"number", "minimum":1, "maximum":255, "default":10, "partition-visibility":"shared", "description":"Specify connection timeout to server, default is 10 seconds", "optional":true }, "auth-protocol":{ "type":"object", "properties":{ "ntlm-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable NTLM authentication protocol" }, "ntlm-version":{ "type":"number", "format":"number", "minimum":1, "maximum":2, "default":2, "partition-visibility":"shared", "description":"Specify NTLM version, default is 2" }, "ntlm-health-check":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"ntlm-health-check-disable", "description":"Check NTLM port's health status" }, "ntlm-health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"ntlm-health-check", "description":"Disable configured NTLM port health check configuration" }, "kerberos-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Disable Kerberos authentication protocol" }, "kerberos-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "default":88, "partition-visibility":"shared", "description":"Specify the Kerberos port, default is 88" }, "kport-hm":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "not":"kport-hm-disable", "description":"Check Kerberos port's health status" }, "kport-hm-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"kport-hm", "description":"Disable configured Kerberos port health check configuration" }, "kerberos-password-change-port":{ "type":"number", "format":"number", "minimum":1, "maximum":65534, "default":464, "partition-visibility":"shared", "description":"Specify the Kerbros password change port, default is 464" }, "kdc-validate":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable KDC validation" }, "kerberos-kdc-validation":{ "type":"object", "properties":{ "kdc-spn":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify SPN for KDC validation" }, "kdc-account":{ "type":"string", "format":"string-rlx", "minLength":1, "maxLength":127, "partition-visibility":"shared", "description":"Specify account for KDC validation" }, "kdc-password":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Specify account password" }, "kdc-pwd":{ "type":"string", "format":"password", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Account password" }, "encrypted":{ "type":"encrypted", "format":"encrypted", "partition-visibility":"shared", "description":"Do NOT use this option manually. (This is an A10 reserved keyword.)" } } } } }, "realm":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "description":"Specify realm of Windows server", "optional":true }, "support-apacheds-kdc":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "description":"Enable weak cipher (DES CRC/MD5/MD4) and merge AS-REQ in single packet", "optional":true }, "health-check":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check-disable", "description":"Check server's health status", "optional":true }, "health-check-string":{ "type":"string", "format":"string", "minLength":1, "maxLength":63, "partition-visibility":"shared", "$ref":"/axapi/v3/health/monitor", "description":"Health monitor name", "optional":true }, "health-check-disable":{ "type":"number", "format":"flag", "default":0, "partition-visibility":"shared", "not":"health-check", "description":"Disable configured health check configuration", "optional":true }, "uuid":{ "type":"string", "format":"string", "minLength":1, "maxLength":64, "partition-visibility":"shared", "modify-not-allowed":1, "description":"uuid of the object", "optional":true }, "sampling-enable":{ "type":"array", "minItems":1, "items":{ "type":"object" }, "uniqueItems":true, "array":[ { "properties":{ "counters1":{ "type":"string", "format":"enum", "partition-visibility":"shared", "description":"'all': all; 'krb_send_req_success': Kerberos Request; 'krb_get_resp_success': Kerberos Response; 'krb_timeout_error': Kerberos Timeout; 'krb_other_error': Kerberos Other Error; 'krb_pw_expiry': Kerberos password expiry; 'krb_pw_change_success': Kerberos password change success; 'krb_pw_change_failure': Kerberos password change failure; 'ntlm_proto_nego_success': NTLM Protocol Negotiation Success; 'ntlm_proto_nego_failure': NTLM Protocol Negotiation Failure; 'ntlm_session_setup_success': NTLM Session Setup Success; 'ntlm_session_setup_failure': NTLM Session Setup Failure; 'ntlm_prepare_req_success': NTLM Prepare Request Success; 'ntlm_prepare_req_error': NTLM Prepare Request Error; 'ntlm_auth_success': NTLM Authentication Success; 'ntlm_auth_failure': NTLM Authentication Failure; 'ntlm_timeout_error': NTLM Timeout; 'ntlm_other_error': NTLM Other Error; 'krb_validate_kdc_success': Kerberos KDC Validation Success; 'krb_validate_kdc_failure': Kerberos KDC Validation Failure; ", "enum":[ "all", "krb_send_req_success", "krb_get_resp_success", "krb_timeout_error", "krb_other_error", "krb_pw_expiry", "krb_pw_change_success", "krb_pw_change_failure", "ntlm_proto_nego_success", "ntlm_proto_nego_failure", "ntlm_session_setup_success", "ntlm_session_setup_failure", "ntlm_prepare_req_success", "ntlm_prepare_req_error", "ntlm_auth_success", "ntlm_auth_failure", "ntlm_timeout_error", "ntlm_other_error", "krb_validate_kdc_success", "krb_validate_kdc_failure" ] } } } ] }, "packet-capture-template":{ "type":"string", "format":"string", "minLength":1, "maxLength":128, "partition-visibility":"shared", "$ref":"/axapi/v3/visibility/packet-capture/object-templates/aam-auth-server-win-inst-tmpl", "description":"Name of the packet capture template to be bind with this object", "optional":true } }, "required":[ "name" ] } ] } } } } }