CreateLdapDirectoryInput
CreateLdapDirectoryInput
CreateLdapDirectoryInput
Input type to create an LDAP directory
base |
String! | The base DN of the LDAP directory to connect to |
connectivityTestFilter |
String | Optional connectivityTestFilter of the LDAP directory to store a test filter to be used by the connectivity control for testing LDAP connections. |
description |
String | Optional description of the LDAP directory to create |
disabledGroupFilter |
String | Optional disabledGroupFilter of the LDAP directory to filter out disabled groups in the LDAP server. If not specified then (description=disabled) is used. |
disabledUserFilter |
String | Optional disabledUserFilter of the LDAP directory to connect to. If not specified then !(userAccountControl:1.2.840.113556.1.4.803:=2) is used |
distinguishedName |
String! | The distinguishedName of the LDAP directory account to connect as |
groupCanonicalNameAttribute |
String | Optional groupCanonicalNameAttribute of the LDAP directory to connect to. If not specified then cn is used |
groupMemberOfAttribute |
String | Optional groupMemberOfAttribute of the LDAP directory to store the attribute name where parent groups of a group/user are stored. |
groupMembershipAttribute |
String | Optional groupMembershipAttribute of the LDAP directory to store the attribute name where member groups/users of a group are stored. |
groupObjectFilter |
String | Optional groupObjectFilter of the LDAP directory to connect to. If not specified then (objectCategory=group) is used |
groupProfileIdTemplate |
String | Optional groupProfileIdTemplate of the LDAP directory to create |
groupSearchFilter |
String | Optional groupSearchFilter of the LDAP directory to connect to. The provided filter is Nunjucks rendered with groupname provided as a data parameter. If not specified then (|(sAMAccountName={{groupname}}*)(mail={{groupname}}*)(cn={{groupname}}*)) is used |
groupSyncFilter |
String | Optional groupSyncFilter of the LDAP directory to connect to. This filter will find groups to sync, subject to the base and groupObjectFilter. |
parent |
ID! | The parent of the LDAP directory to create, either as an id, or an AKA |
password |
String! | The password of the LDAP directory account to connect as |
profileIdTemplate |
String! | The profileIdTemplate of the LDAP directory to create |
rejectUnauthorized |
Boolean! | Mandatory rejectUnauthorized of the LDAP directory indicating whether unauthorized LDAP server requests should be rejected or not. |
status |
DirectoryStatus! | The status of the LDAP directory to create |
tags |
Scalar | Optional tags for the LDAP directory to create |
title |
String! | The title of the LDAP directory to create |
tlsEnabled |
Boolean! | Mandatory tlsEnabled of the LDAP directory indicating whether server side TLS encryption is enabled for the LDAP Connection. |
tlsServerCertificate |
String | Optional tlsServerCertificate of the LDAP directory to store the root certificate for TLS encryption. |
url |
String! | The url of the LDAP directory to connect to |
userCanonicalNameAttribute |
String | Optional userCanonicalNameAttribute of the LDAP directory to connect to. If not specified then cn is used |
userDisplayNameAttribute |
String | Optional userDisplayNameAttribute of the LDAP directory to connect to. If not specified then displayName is used |
userEmailAttribute |
String | Optional userEmailAttribute of the LDAP directory to connect to. If not specified then mail is used |
userFamilyNameAttribute |
String | Optional userFamilyNameAttribute of the LDAP directory to connect to. If not specified then sn is used |
userGivenNameAttribute |
String | Optional userGivenNameAttribute of the LDAP directory to connect to. If not specified then givenName is used |
userMatchFilter |
String | Optional userMatchFilter of the LDAP directory to connect to. |
userObjectFilter |
String | Optional userObjectFilter of the LDAP directory to connect to. If not specified then (objectCategory=user) is used |
userSearchAttributes |
[String!] | Optional userSearchAttributes of the LDAP directory to connect to. If not specified then this defaults to ["*"]. If attributes other than "*" are specified, then additionally the values for userDisplayNameAttribute and userAccountNameAttribute are included |
userSearchFilter |
String | Optional userSearchFilter of the LDAP directory to connect to. The provided filter is Nunjucks rendered with username provided as a data parameter. If not specified then (|(sAMAccountName={{username}}*)(mail={{username}}*)(givenName={{username}}*)(sn={{username}}*)) is used |