update-ldap-provider¶

Description¶

Update an LDAP provider.

Synopsis¶

  update-ldap-provider
--ldap-provider-name <value>
--url <value>
--user-search-base <value>
--user-search-filter <value>
--group-search-base <value>
--group-search-filter <value>
--username-mapping-attribute <value>
[--bind-dn <value>]
[--bind-password <value>]
[--user-bind-property <value>]
[--group-dn-property <value>]
[--email-mapping-attribute <value>]
[--first-name-mapping-attribute <value>]
[--last-name-mapping-attribute <value>]
[--group-name-mapping-attribute <value>]
[--tls-ca-certificates <value>]
[--skip-group-sync-on-login | --no-skip-group-sync-on-login]
[--start-tls | --no-start-tls]
[--cli-input-json <value>]
[--generate-cli-skeleton]

Options¶

--ldap-provider-name (string)

The name or CRN of LDAP provider to update.

--url (string)

The URL of the LDAP server. The URL must be prefixed with ldap:// or ldaps://. The URL can optionally specify a custom port, for example ldaps://ldap.example.org:663.

--user-search-base (string)

Part of the directory tree under which to search for users. For example, ou=users,dc=example,dc=org.

--user-search-filter (string)

The search filter to use for finding users. For example, (uid={{username}}).

--group-search-base (string)

The distinguished name indicating the path within the directory information tree to begin user searches from. For example, ou=groups,dc=example,dc=com.

--group-search-filter (string)

The search filter to use for finding groups for authorization of authenticated users.

--username-mapping-attribute (string)

The LDAP displayName attribute name, will be used as the user’s name. For example, uid, sAMAccountName.

--bind-dn (string)

Bind DN. For example, uid=myapp,ou=users,dc=example,dc=org.Optional. It is required if bind is not anonymous.

--bind-password (string)

The password of the bind user.

--user-bind-property (string)

Property of the LDAP user object to use when binding to verify the password. For example, dn.

--group-dn-property (string)

The property of user object to use in {{dn}} interpolation of groupSearchFilter.

--email-mapping-attribute (string)

The LDAP email attribute name, will be used as the user’s email. For example, mail.

--first-name-mapping-attribute (string)

The LDAP attribute used as firstname , will be used as the user’s firstname. For example, givenName.

--last-name-mapping-attribute (string)

The LDAP sn attribute name, will be used as the user’s lastname. For example, sn.

--group-name-mapping-attribute (string)

The LDAP group attribute name, will be used for user’s group. For example, cn, name.

--tls-ca-certificates (array)

If the ldaps:// server uses a self-signed SSL certificate or a certificate issued by a private Certificate Authority (CA), you need to provide the trusted certificates that can be used to validate the LDAP server certificate.

Syntax:

"string" "string" ...

--skip-group-sync-on-login | --no-skip-group-sync-on-login (boolean)

Whether to skip syncing groups.

--start-tls | --no-start-tls (boolean)

Whether a start TLS request should be initiated on connect.

--cli-input-json (string)

Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values.

--generate-cli-skeleton (boolean)

Prints a sample input JSON to standard output. Note the specified operation is not run if this argument is specified. The sample input can be used as an argument for --cli-input-json.

Output¶

ldapProvider -> (object)

LDAP Provider details.

identityProviderConnectorId -> (string)

The unique ID of the LDAP provider.

ldapProviderName -> (string)

Name of the LDAP provider connector.

crn -> (string)

The LDAP provider connector CRN.

skipGroupSyncOnLogin -> (boolean)

Indicates whether group sync is skipped or not.

creationDate -> (integer)

The creation date in ms from the java epoch of 1970-01-01T00:00:00Z.

ldapDetails -> (object)

Information about an LDAP provider connector.

url -> (string)

The URL of the LDAP server.

userSearchBase -> (string)

Part of the directory tree under which to search for users.

userSearchFilter -> (string)

The search filter to use for finding users.

groupSearchBase -> (string)

Part of the directory tree under which group searches should be performed.

groupSearchFilter -> (string)

Filter which is used to search for group membership.

bindDn -> (string)

Bind DN.

userBindProperty -> (string)

Property of the LDAP user object to use when binding to the LDAP directory.

groupDnProperty -> (string)

The property of user object to use in {{dn}} interpolation of groupSearchFilter.

usernameMappingAttribute -> (string)

The LDAP displayName attribute name, will be used as the user’s name.

emailMappingAttribute -> (string)

The LDAP email attribute name, will be used as the user’s email.

firstNameMappingAttribute -> (string)

The LDAP attribute used as firstname , will be used as the user’s firstname.

lastNameMappingAttribute -> (string)

The LDAP sn attribute name, will be used as the user’s lastname.

groupNameMappingAttribute -> (string)

The LDAP group attribute name, will be used as for user’s group.

tlsCaCertificates -> (array)

If your ldaps:// server uses a self-signed SSL certificate or a certificate issued by a private Certificate Authority (CA), you need to provide the trusted certificates that can be used to validate the LDAP server certificate.

item -> (string)

startTls -> (boolean)

Indicates whether a start TLS request should be initiated on connect.

Form Factors¶

private