LDAP Web Services
Overview
Universal Controller supports the following RESTful-based web services for LDAP Settings, which are listed alphabetically on this page.
Formatting specifications for each web service, including details about parameter requirements, are provided.
Read LDAP Settings
Description | |
---|---|
Consumes Content-Type | N/A |
Description | Get LDAP Settings |
Authentication | HTTP Basic |
URI | http://host_name/uc/resources/ldap |
HTTP Method | GET |
Example URI | http://localhost:8080/uc/resources/ldap |
Produces Content-Type | application/xml, application/json |
Read LDAP Settings: XML and JSON Examples
XML | JSON |
---|---|
Update LDAP Settings
Description | |
---|---|
Consumes Content-Type | application/xml, application/json |
Description | Modify LDAP Settings |
Authentication | HTTP Basic |
URI | http://host_name/uc/resources/ldap |
HTTP Method | PUT |
Example URI | http://localhost:8080/uc/resources/ldap |
Produces Content-Type | application/xml, application/json |
Example Responses |
|
Update LDAP Settings: XML and JSON Examples
XML | JSON |
---|---|
LDAP: Request Properties
Property | UI Field | Description | Required |
---|---|---|---|
| Allow Local Login | If the LDAP Synchronization Enabled Universal Controller system property is false, or if it is true but the Use for Authentication field is not enabled, an administrator must explicitly specify Allow Local Login to allow local account login for users that were provisioned through LDAP synchronization. | N |
| Base DN | Starting point for searching the directory. For example: dc=stonebranch,dc=com. If you do not specify a Base DN, the search starts as the root of the directory tree. | N |
| URL | URL of the LDAP connection. | Y |
| Bind DN or User | Distinguished Name (DN) or User ID used for initial access to the LDAP server. | N |
| Bind Password | N | |
| Use for Authentication | If enabled, indicates that LDAP will be used for password authentication. | N |
| User Id Attribute | LDAP attribute for the specified User ID.
| Y |
| User Filter | Search filter for users. | N |
| User Target OU List | Single- or multi-level target OU's (Organizational Units) within the Base DN directory to filter for user records. | N |
| Group Filter | Search filter for groups. | N |
| Group Target OU List | Single- or multi-level target OU's within the Base DN directory to filter for group records. | N |
| Connect Timeout (Seconds) | Timeout for connecting to the LDAP server. | N |
| Read Timeout (Seconds) | Timeout for reading from the LDAP server. | N |
| User Membership Attribute | LDAP attribute for the groups in which a user is a member. If you do not specify a User Membership Attribute, the LDAP server uses memberOf (see the uc.ldap.users.synchronize_indirect Universal Controller start-up property. | N |
| Group Member Attribute | LDAP attribute for the members of a group. If you do not specify a Group Member Attribute, the LDAP server uses member (see the uc.ldap.groups.update_members Universal Controller start-up property. | N |
| Login Method | Login method(s) that an LDAP-provisioned user can authenticate with by default. The default is applied only at user creation time.
| Y |
| List of Controller columns mapped to LDAP attributes. |
LDAP: Mapping Properties
Property | UI Field | Description | Required |
---|---|---|---|
| Type | Type of records. | Y |
| Column | Controller column being mapped to LDAP attribute. | Y |
| Attribute | LDAP attribute to which the Controller column is being mapped. | N |
Update LDAP Bind Password
Description | |
---|---|
Consumes Content-Type | N/A |
Description | Modify LDAP Settings Bind Password |
Authentication | HTTP Basic |
URI | http://host_name/uc/resources/ldap/changeBindPwd http://host_name/uc/resources/ldap/changebindpwd |
HTTP Method | POST |
Example URI | http://localhost:8080/uc/resources/ldap/changebindpwd http://localhost:8080/uc/resources/ldap/changeBindPwd |
Produces Content-Type | application/xml, application/json |
Body | New Password |