powerscale.LdapProvider
Explore with Pulumi AI
This resource is used to manage the LDAP provider entity of PowerScale Array. We can Create, Update and Delete the LDAP provider using this resource. We can also import an existing LDAP provider from PowerScale array. PowerScale LDAP provider enables you to define, query, and modify directory services and resources.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as powerscale from "@pulumi/powerscale";
// PowerScale LDAP provider enables you to define, query, and modify directory services and resources.
const exampleLdapProvider = new powerscale.LdapProvider("exampleLdapProvider", {
    alternateSecurityIdentitiesAttribute: "altSecurityIdentities",
    authentication: true,
    balanceServers: true,
    baseDn: "dc=tthe,dc=testLdap,dc=com",
    bindDn: "",
    bindMechanism: "simple",
    bindTimeout: 10,
    certificateAuthorityFile: "",
    checkOnlineInterval: 100,
    cnAttribute: "cn",
    createHomeDirectory: false,
    cryptPasswordAttribute: "",
    emailAttribute: "mail",
    enabled: true,
    enumerateGroups: true,
    enumerateUsers: true,
    findableGroups: [],
    findableUsers: [],
    gecosAttribute: "gecos",
    gidAttribute: "gidNumber",
    groupBaseDn: "",
    groupDomain: "LDAP_GROUPS",
    groupFilter: "(objectClass=posixGroup)",
    groupMembersAttribute: "memberUid",
    groupSearchScope: "default",
    groupnet: "groupnet0",
    homeDirectoryTemplate: "",
    homedirAttribute: "homeDirectory",
    ignoreTlsErrors: false,
    ignoreUnresolvableServerUrls: false,
    listableGroups: [],
    listableUsers: [],
    loginShell: "/bin/bash",
    memberLookupMethod: "default",
    memberOfAttribute: "",
    nameAttribute: "uid",
    netgroupBaseDn: "",
    netgroupFilter: "(objectClass=nisNetgroup)",
    netgroupMembersAttribute: "memberNisNetgroup",
    netgroupSearchScope: "default",
    netgroupTripleAttribute: "nisNetgroupTriple",
    normalizeGroups: false,
    normalizeUsers: false,
    ntPasswordAttribute: "",
    ntlmSupport: "all",
    providerDomain: "",
    requireSecureConnection: false,
    restrictFindable: true,
    restrictListable: false,
    searchScope: "subtree",
    searchTimeout: 100,
    serverUris: ["ldap://10.225.108.54"],
    shadowExpireAttribute: "shadowExpire",
    shadowFlagAttribute: "shadowFlag",
    shadowInactiveAttribute: "shadowInactive",
    shadowLastChangeAttribute: "shadowLastChange",
    shadowMaxAttribute: "shadowMax",
    shadowMinAttribute: "shadowMin",
    shadowUserFilter: "(objectClass=shadowAccount)",
    shadowWarningAttribute: "shadowWarning",
    shellAttribute: "loginShell",
    sshPublicKeyAttribute: "sshPublicKey",
    status: "online",
    system: false,
    tlsProtocolMin: "1.2",
    uidAttribute: "uidNumber",
    unfindableGroups: [
        "wheel",
        "0",
        "insightiq",
        "15",
        "isdmgmt",
        "16",
    ],
    unfindableUsers: [
        "root",
        "0",
        "insightiq",
        "15",
        "isdmgmt",
        "16",
    ],
    uniqueGroupMembersAttribute: "",
    unlistableGroups: [],
    unlistableUsers: [],
    userBaseDn: "",
    userDomain: "LDAP_USERS",
    userFilter: "(objectClass=posixAccount)",
    userSearchScope: "default",
});
import pulumi
import pulumi_powerscale as powerscale
# PowerScale LDAP provider enables you to define, query, and modify directory services and resources.
example_ldap_provider = powerscale.LdapProvider("exampleLdapProvider",
    alternate_security_identities_attribute="altSecurityIdentities",
    authentication=True,
    balance_servers=True,
    base_dn="dc=tthe,dc=testLdap,dc=com",
    bind_dn="",
    bind_mechanism="simple",
    bind_timeout=10,
    certificate_authority_file="",
    check_online_interval=100,
    cn_attribute="cn",
    create_home_directory=False,
    crypt_password_attribute="",
    email_attribute="mail",
    enabled=True,
    enumerate_groups=True,
    enumerate_users=True,
    findable_groups=[],
    findable_users=[],
    gecos_attribute="gecos",
    gid_attribute="gidNumber",
    group_base_dn="",
    group_domain="LDAP_GROUPS",
    group_filter="(objectClass=posixGroup)",
    group_members_attribute="memberUid",
    group_search_scope="default",
    groupnet="groupnet0",
    home_directory_template="",
    homedir_attribute="homeDirectory",
    ignore_tls_errors=False,
    ignore_unresolvable_server_urls=False,
    listable_groups=[],
    listable_users=[],
    login_shell="/bin/bash",
    member_lookup_method="default",
    member_of_attribute="",
    name_attribute="uid",
    netgroup_base_dn="",
    netgroup_filter="(objectClass=nisNetgroup)",
    netgroup_members_attribute="memberNisNetgroup",
    netgroup_search_scope="default",
    netgroup_triple_attribute="nisNetgroupTriple",
    normalize_groups=False,
    normalize_users=False,
    nt_password_attribute="",
    ntlm_support="all",
    provider_domain="",
    require_secure_connection=False,
    restrict_findable=True,
    restrict_listable=False,
    search_scope="subtree",
    search_timeout=100,
    server_uris=["ldap://10.225.108.54"],
    shadow_expire_attribute="shadowExpire",
    shadow_flag_attribute="shadowFlag",
    shadow_inactive_attribute="shadowInactive",
    shadow_last_change_attribute="shadowLastChange",
    shadow_max_attribute="shadowMax",
    shadow_min_attribute="shadowMin",
    shadow_user_filter="(objectClass=shadowAccount)",
    shadow_warning_attribute="shadowWarning",
    shell_attribute="loginShell",
    ssh_public_key_attribute="sshPublicKey",
    status="online",
    system=False,
    tls_protocol_min="1.2",
    uid_attribute="uidNumber",
    unfindable_groups=[
        "wheel",
        "0",
        "insightiq",
        "15",
        "isdmgmt",
        "16",
    ],
    unfindable_users=[
        "root",
        "0",
        "insightiq",
        "15",
        "isdmgmt",
        "16",
    ],
    unique_group_members_attribute="",
    unlistable_groups=[],
    unlistable_users=[],
    user_base_dn="",
    user_domain="LDAP_USERS",
    user_filter="(objectClass=posixAccount)",
    user_search_scope="default")
package main
import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/powerscale/powerscale"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		// PowerScale LDAP provider enables you to define, query, and modify directory services and resources.
		_, err := powerscale.NewLdapProvider(ctx, "exampleLdapProvider", &powerscale.LdapProviderArgs{
			AlternateSecurityIdentitiesAttribute: pulumi.String("altSecurityIdentities"),
			Authentication:                       pulumi.Bool(true),
			BalanceServers:                       pulumi.Bool(true),
			BaseDn:                               pulumi.String("dc=tthe,dc=testLdap,dc=com"),
			BindDn:                               pulumi.String(""),
			BindMechanism:                        pulumi.String("simple"),
			BindTimeout:                          pulumi.Float64(10),
			CertificateAuthorityFile:             pulumi.String(""),
			CheckOnlineInterval:                  pulumi.Float64(100),
			CnAttribute:                          pulumi.String("cn"),
			CreateHomeDirectory:                  pulumi.Bool(false),
			CryptPasswordAttribute:               pulumi.String(""),
			EmailAttribute:                       pulumi.String("mail"),
			Enabled:                              pulumi.Bool(true),
			EnumerateGroups:                      pulumi.Bool(true),
			EnumerateUsers:                       pulumi.Bool(true),
			FindableGroups:                       pulumi.StringArray{},
			FindableUsers:                        pulumi.StringArray{},
			GecosAttribute:                       pulumi.String("gecos"),
			GidAttribute:                         pulumi.String("gidNumber"),
			GroupBaseDn:                          pulumi.String(""),
			GroupDomain:                          pulumi.String("LDAP_GROUPS"),
			GroupFilter:                          pulumi.String("(objectClass=posixGroup)"),
			GroupMembersAttribute:                pulumi.String("memberUid"),
			GroupSearchScope:                     pulumi.String("default"),
			Groupnet:                             pulumi.String("groupnet0"),
			HomeDirectoryTemplate:                pulumi.String(""),
			HomedirAttribute:                     pulumi.String("homeDirectory"),
			IgnoreTlsErrors:                      pulumi.Bool(false),
			IgnoreUnresolvableServerUrls:         pulumi.Bool(false),
			ListableGroups:                       pulumi.StringArray{},
			ListableUsers:                        pulumi.StringArray{},
			LoginShell:                           pulumi.String("/bin/bash"),
			MemberLookupMethod:                   pulumi.String("default"),
			MemberOfAttribute:                    pulumi.String(""),
			NameAttribute:                        pulumi.String("uid"),
			NetgroupBaseDn:                       pulumi.String(""),
			NetgroupFilter:                       pulumi.String("(objectClass=nisNetgroup)"),
			NetgroupMembersAttribute:             pulumi.String("memberNisNetgroup"),
			NetgroupSearchScope:                  pulumi.String("default"),
			NetgroupTripleAttribute:              pulumi.String("nisNetgroupTriple"),
			NormalizeGroups:                      pulumi.Bool(false),
			NormalizeUsers:                       pulumi.Bool(false),
			NtPasswordAttribute:                  pulumi.String(""),
			NtlmSupport:                          pulumi.String("all"),
			ProviderDomain:                       pulumi.String(""),
			RequireSecureConnection:              pulumi.Bool(false),
			RestrictFindable:                     pulumi.Bool(true),
			RestrictListable:                     pulumi.Bool(false),
			SearchScope:                          pulumi.String("subtree"),
			SearchTimeout:                        pulumi.Float64(100),
			ServerUris: pulumi.StringArray{
				pulumi.String("ldap://10.225.108.54"),
			},
			ShadowExpireAttribute:     pulumi.String("shadowExpire"),
			ShadowFlagAttribute:       pulumi.String("shadowFlag"),
			ShadowInactiveAttribute:   pulumi.String("shadowInactive"),
			ShadowLastChangeAttribute: pulumi.String("shadowLastChange"),
			ShadowMaxAttribute:        pulumi.String("shadowMax"),
			ShadowMinAttribute:        pulumi.String("shadowMin"),
			ShadowUserFilter:          pulumi.String("(objectClass=shadowAccount)"),
			ShadowWarningAttribute:    pulumi.String("shadowWarning"),
			ShellAttribute:            pulumi.String("loginShell"),
			SshPublicKeyAttribute:     pulumi.String("sshPublicKey"),
			Status:                    pulumi.String("online"),
			System:                    pulumi.Bool(false),
			TlsProtocolMin:            pulumi.String("1.2"),
			UidAttribute:              pulumi.String("uidNumber"),
			UnfindableGroups: pulumi.StringArray{
				pulumi.String("wheel"),
				pulumi.String("0"),
				pulumi.String("insightiq"),
				pulumi.String("15"),
				pulumi.String("isdmgmt"),
				pulumi.String("16"),
			},
			UnfindableUsers: pulumi.StringArray{
				pulumi.String("root"),
				pulumi.String("0"),
				pulumi.String("insightiq"),
				pulumi.String("15"),
				pulumi.String("isdmgmt"),
				pulumi.String("16"),
			},
			UniqueGroupMembersAttribute: pulumi.String(""),
			UnlistableGroups:            pulumi.StringArray{},
			UnlistableUsers:             pulumi.StringArray{},
			UserBaseDn:                  pulumi.String(""),
			UserDomain:                  pulumi.String("LDAP_USERS"),
			UserFilter:                  pulumi.String("(objectClass=posixAccount)"),
			UserSearchScope:             pulumi.String("default"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Powerscale = Pulumi.Powerscale;
return await Deployment.RunAsync(() => 
{
    // PowerScale LDAP provider enables you to define, query, and modify directory services and resources.
    var exampleLdapProvider = new Powerscale.LdapProvider("exampleLdapProvider", new()
    {
        AlternateSecurityIdentitiesAttribute = "altSecurityIdentities",
        Authentication = true,
        BalanceServers = true,
        BaseDn = "dc=tthe,dc=testLdap,dc=com",
        BindDn = "",
        BindMechanism = "simple",
        BindTimeout = 10,
        CertificateAuthorityFile = "",
        CheckOnlineInterval = 100,
        CnAttribute = "cn",
        CreateHomeDirectory = false,
        CryptPasswordAttribute = "",
        EmailAttribute = "mail",
        Enabled = true,
        EnumerateGroups = true,
        EnumerateUsers = true,
        FindableGroups = new[] {},
        FindableUsers = new[] {},
        GecosAttribute = "gecos",
        GidAttribute = "gidNumber",
        GroupBaseDn = "",
        GroupDomain = "LDAP_GROUPS",
        GroupFilter = "(objectClass=posixGroup)",
        GroupMembersAttribute = "memberUid",
        GroupSearchScope = "default",
        Groupnet = "groupnet0",
        HomeDirectoryTemplate = "",
        HomedirAttribute = "homeDirectory",
        IgnoreTlsErrors = false,
        IgnoreUnresolvableServerUrls = false,
        ListableGroups = new[] {},
        ListableUsers = new[] {},
        LoginShell = "/bin/bash",
        MemberLookupMethod = "default",
        MemberOfAttribute = "",
        NameAttribute = "uid",
        NetgroupBaseDn = "",
        NetgroupFilter = "(objectClass=nisNetgroup)",
        NetgroupMembersAttribute = "memberNisNetgroup",
        NetgroupSearchScope = "default",
        NetgroupTripleAttribute = "nisNetgroupTriple",
        NormalizeGroups = false,
        NormalizeUsers = false,
        NtPasswordAttribute = "",
        NtlmSupport = "all",
        ProviderDomain = "",
        RequireSecureConnection = false,
        RestrictFindable = true,
        RestrictListable = false,
        SearchScope = "subtree",
        SearchTimeout = 100,
        ServerUris = new[]
        {
            "ldap://10.225.108.54",
        },
        ShadowExpireAttribute = "shadowExpire",
        ShadowFlagAttribute = "shadowFlag",
        ShadowInactiveAttribute = "shadowInactive",
        ShadowLastChangeAttribute = "shadowLastChange",
        ShadowMaxAttribute = "shadowMax",
        ShadowMinAttribute = "shadowMin",
        ShadowUserFilter = "(objectClass=shadowAccount)",
        ShadowWarningAttribute = "shadowWarning",
        ShellAttribute = "loginShell",
        SshPublicKeyAttribute = "sshPublicKey",
        Status = "online",
        System = false,
        TlsProtocolMin = "1.2",
        UidAttribute = "uidNumber",
        UnfindableGroups = new[]
        {
            "wheel",
            "0",
            "insightiq",
            "15",
            "isdmgmt",
            "16",
        },
        UnfindableUsers = new[]
        {
            "root",
            "0",
            "insightiq",
            "15",
            "isdmgmt",
            "16",
        },
        UniqueGroupMembersAttribute = "",
        UnlistableGroups = new[] {},
        UnlistableUsers = new[] {},
        UserBaseDn = "",
        UserDomain = "LDAP_USERS",
        UserFilter = "(objectClass=posixAccount)",
        UserSearchScope = "default",
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.powerscale.LdapProvider;
import com.pulumi.powerscale.LdapProviderArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        // PowerScale LDAP provider enables you to define, query, and modify directory services and resources.
        var exampleLdapProvider = new LdapProvider("exampleLdapProvider", LdapProviderArgs.builder()
            .alternateSecurityIdentitiesAttribute("altSecurityIdentities")
            .authentication(true)
            .balanceServers(true)
            .baseDn("dc=tthe,dc=testLdap,dc=com")
            .bindDn("")
            .bindMechanism("simple")
            .bindTimeout(10)
            .certificateAuthorityFile("")
            .checkOnlineInterval(100)
            .cnAttribute("cn")
            .createHomeDirectory(false)
            .cryptPasswordAttribute("")
            .emailAttribute("mail")
            .enabled(true)
            .enumerateGroups(true)
            .enumerateUsers(true)
            .findableGroups()
            .findableUsers()
            .gecosAttribute("gecos")
            .gidAttribute("gidNumber")
            .groupBaseDn("")
            .groupDomain("LDAP_GROUPS")
            .groupFilter("(objectClass=posixGroup)")
            .groupMembersAttribute("memberUid")
            .groupSearchScope("default")
            .groupnet("groupnet0")
            .homeDirectoryTemplate("")
            .homedirAttribute("homeDirectory")
            .ignoreTlsErrors(false)
            .ignoreUnresolvableServerUrls(false)
            .listableGroups()
            .listableUsers()
            .loginShell("/bin/bash")
            .memberLookupMethod("default")
            .memberOfAttribute("")
            .nameAttribute("uid")
            .netgroupBaseDn("")
            .netgroupFilter("(objectClass=nisNetgroup)")
            .netgroupMembersAttribute("memberNisNetgroup")
            .netgroupSearchScope("default")
            .netgroupTripleAttribute("nisNetgroupTriple")
            .normalizeGroups(false)
            .normalizeUsers(false)
            .ntPasswordAttribute("")
            .ntlmSupport("all")
            .providerDomain("")
            .requireSecureConnection(false)
            .restrictFindable(true)
            .restrictListable(false)
            .searchScope("subtree")
            .searchTimeout(100)
            .serverUris("ldap://10.225.108.54")
            .shadowExpireAttribute("shadowExpire")
            .shadowFlagAttribute("shadowFlag")
            .shadowInactiveAttribute("shadowInactive")
            .shadowLastChangeAttribute("shadowLastChange")
            .shadowMaxAttribute("shadowMax")
            .shadowMinAttribute("shadowMin")
            .shadowUserFilter("(objectClass=shadowAccount)")
            .shadowWarningAttribute("shadowWarning")
            .shellAttribute("loginShell")
            .sshPublicKeyAttribute("sshPublicKey")
            .status("online")
            .system(false)
            .tlsProtocolMin("1.2")
            .uidAttribute("uidNumber")
            .unfindableGroups(            
                "wheel",
                "0",
                "insightiq",
                "15",
                "isdmgmt",
                "16")
            .unfindableUsers(            
                "root",
                "0",
                "insightiq",
                "15",
                "isdmgmt",
                "16")
            .uniqueGroupMembersAttribute("")
            .unlistableGroups()
            .unlistableUsers()
            .userBaseDn("")
            .userDomain("LDAP_USERS")
            .userFilter("(objectClass=posixAccount)")
            .userSearchScope("default")
            .build());
    }
}
resources:
  # PowerScale LDAP provider enables you to define, query, and modify directory services and resources.
  exampleLdapProvider:
    type: powerscale:LdapProvider
    properties:
      # Optional params for creating and updating.
      #     // Specifies the attribute name used when searching for alternate security identities.
      alternateSecurityIdentitiesAttribute: altSecurityIdentities
      # If true, enables authentication and identity management through the authentication provider.
      authentication: true
      # If true, connects the provider to a random server.
      balanceServers: true
      # Specifies the root of the tree in which to search identities.
      baseDn: dc=tthe,dc=testLdap,dc=com
      # Specifies the distinguished name for binding to the LDAP server.
      bindDn: ""
      # Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
      bindMechanism: simple
      # Specifies the timeout in seconds when binding to an LDAP server. Value should between 1 - 3600.
      bindTimeout: 10
      # Specifies the path to the root certificates file.
      certificateAuthorityFile: ""
      # Specifies the time in seconds between provider online checks. Value should between 0 - 3600.
      checkOnlineInterval: 100
      # Specifies the canonical name.
      cnAttribute: cn
      # Automatically create the home directory on the first login.
      createHomeDirectory: false
      # Specifies the hashed password value.
      cryptPasswordAttribute: ""
      # Specifies the LDAP Email attribute.
      emailAttribute: mail
      # If true, enables the LDAP provider.
      enabled: true
      # If true, allows the provider to enumerate groups.
      enumerateGroups: true
      # If true, allows the provider to enumerate users.
      enumerateUsers: true
      # Specifies the list of groups that can be resolved.
      findableGroups: []
      # Specifies the list of users that can be resolved.
      findableUsers: []
      # Specifies the LDAP GECOS attribute.
      gecosAttribute: gecos
      # Specifies the LDAP GID attribute.
      gidAttribute: gidNumber
      # Specifies the distinguished name of the entry where LDAP searches for groups are started.
      groupBaseDn: ""
      # Specifies the domain for this provider through which groups are qualified.
      groupDomain: LDAP_GROUPS
      # Specifies the LDAP filter for group objects.
      groupFilter: (objectClass=posixGroup)
      # Specifies the LDAP Group Members attribute.
      groupMembersAttribute: memberUid
      # Specifies the depth from the base DN to perform LDAP searches. 
      #     // Acceptable values: default, base, onelevel, subtree, children.
      groupSearchScope: default
      # Optional groupnet for creating. Specifies the groupnet identifier.
      groupnet: groupnet0
      # Specifies the path to the home directory template.
      homeDirectoryTemplate: ""
      # Specifies the LDAP Homedir attribute.
      homedirAttribute: homeDirectory
      # If true, continues over secure connections even if identity checks fail.
      ignoreTlsErrors: false
      # Optional ignore_unresolvable_server_urls for creating and updating. If true, ignore unresolvable server URIs.
      ignoreUnresolvableServerUrls: false
      # Specifies the groups that can be viewed in the provider.
      listableGroups: []
      # Specifies the users that can be viewed in the provider.
      listableUsers: []
      # Specifies the login shell path.
      loginShell: /bin/bash
      # Sets the method by which group member lookups are performed. Use caution when changing this option directly.
      #     // Acceptable values: default, rfc2307bis.
      memberLookupMethod: default
      # Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
      memberOfAttribute: ""
      # Specifies the LDAP UID attribute, which is used as the login name.
      nameAttribute: uid
      # Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
      netgroupBaseDn: ""
      # Specifies the LDAP filter for netgroup objects.
      netgroupFilter: (objectClass=nisNetgroup)
      # Specifies the LDAP Netgroup Members attribute.
      netgroupMembersAttribute: memberNisNetgroup
      # Specifies the depth from the base DN to perform LDAP searches.
      #     // Acceptable values: default, base, onelevel, subtree, children.
      netgroupSearchScope: default
      # Specifies the LDAP Netgroup Triple attribute.
      netgroupTripleAttribute: nisNetgroupTriple
      # Normalizes group names to lowercase before look up.
      normalizeGroups: false
      # Normalizes user names to lowercase before look up.
      normalizeUsers: false
      # Specifies the LDAP NT Password attribute.
      ntPasswordAttribute: ""
      # Specifies which NTLM versions to support for users with NTLM-compatible credentials.
      #     // Acceptable values: all, v2only, none.
      ntlmSupport: all
      # Specifies the provider domain.
      providerDomain: ""
      # Determines whether to continue over a non-TLS connection.
      requireSecureConnection: false
      # If true, checks the provider for filtered lists of findable and unfindable users and groups.
      restrictFindable: true
      # If true, checks the provider for filtered lists of listable and unlistable users and groups.
      restrictListable: false
      # Specifies the default depth from the base DN to perform LDAP searches.
      #     // Acceptable values: base, onelevel, subtree, children.
      searchScope: subtree
      # Specifies the search timeout period in seconds. Value should between 10 - 3600.
      searchTimeout: 100
      # Specifies the server URIs. Begin URIs with ldap:// or ldaps://
      serverUris:
        - ldap://10.225.108.54
      # Sets the attribute name that indicates the absolute date to expire the account.
      shadowExpireAttribute: shadowExpire
      # Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
      shadowFlagAttribute: shadowFlag
      # Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
      shadowInactiveAttribute: shadowInactive
      # Sets the attribute name that indicates the last change of the shadow information.
      shadowLastChangeAttribute: shadowLastChange
      # Sets the attribute name that indicates the maximum number of days a password can be valid.
      shadowMaxAttribute: shadowMax
      # Sets the attribute name that indicates the minimum number of days between shadow changes.
      shadowMinAttribute: shadowMin
      # Sets LDAP filter for shadow user objects.
      shadowUserFilter: (objectClass=shadowAccount)
      # Sets the attribute name that indicates the number of days before the password expires to warn the user.
      shadowWarningAttribute: shadowWarning
      # Specifies the LDAP Shell attribute.
      shellAttribute: loginShell
      # Sets the attribute name that indicates the SSH Public Key for the user.
      sshPublicKeyAttribute: sshPublicKey
      # Specifies the status of the provider.
      status: online
      # If true, indicates that this provider instance was created by OneFS and cannot be removed.
      system: false
      # Specifies the minimum TLS protocol version.
      tlsProtocolMin: '1.2'
      # Specifies the LDAP UID Number attribute.
      uidAttribute: uidNumber
      # Specifies the groups that cannot be resolved by the provider.
      unfindableGroups:
        - wheel
        - '0'
        - insightiq
        - '15'
        - isdmgmt
        - '16'
      # Specifies users that cannot be resolved by the provider.
      unfindableUsers:
        - root
        - '0'
        - insightiq
        - '15'
        - isdmgmt
        - '16'
      # Sets the LDAP Unique Group Members attribute.
      uniqueGroupMembersAttribute: ""
      # Specifies a group that cannot be listed by the provider.
      unlistableGroups: []
      # Specifies a user that cannot be listed by the provider.
      unlistableUsers: []
      # Specifies the distinguished name of the entry at which to start LDAP searches for users.
      userBaseDn: ""
      # Specifies the domain for this provider through which users are qualified.
      userDomain: LDAP_USERS
      # Specifies the LDAP filter for user objects.
      userFilter: (objectClass=posixAccount)
      # Specifies the depth from the base DN to perform LDAP searches.
      #     // Acceptable values: default, base, onelevel, subtree, children.
      userSearchScope: default
Create LdapProvider Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new LdapProvider(name: string, args: LdapProviderArgs, opts?: CustomResourceOptions);@overload
def LdapProvider(resource_name: str,
                 args: LdapProviderArgs,
                 opts: Optional[ResourceOptions] = None)
@overload
def LdapProvider(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 base_dn: Optional[str] = None,
                 server_uris: Optional[Sequence[str]] = None,
                 alternate_security_identities_attribute: Optional[str] = None,
                 authentication: Optional[bool] = None,
                 balance_servers: Optional[bool] = None,
                 bind_dn: Optional[str] = None,
                 bind_mechanism: Optional[str] = None,
                 bind_timeout: Optional[float] = None,
                 certificate_authority_file: Optional[str] = None,
                 check_online_interval: Optional[float] = None,
                 cn_attribute: Optional[str] = None,
                 create_home_directory: Optional[bool] = None,
                 crypt_password_attribute: Optional[str] = None,
                 email_attribute: Optional[str] = None,
                 enabled: Optional[bool] = None,
                 enumerate_groups: Optional[bool] = None,
                 enumerate_users: Optional[bool] = None,
                 findable_groups: Optional[Sequence[str]] = None,
                 findable_users: Optional[Sequence[str]] = None,
                 gecos_attribute: Optional[str] = None,
                 gid_attribute: Optional[str] = None,
                 group_base_dn: Optional[str] = None,
                 group_domain: Optional[str] = None,
                 group_filter: Optional[str] = None,
                 group_members_attribute: Optional[str] = None,
                 group_search_scope: Optional[str] = None,
                 groupnet: Optional[str] = None,
                 home_directory_template: Optional[str] = None,
                 homedir_attribute: Optional[str] = None,
                 ignore_tls_errors: Optional[bool] = None,
                 ignore_unresolvable_server_urls: Optional[bool] = None,
                 listable_groups: Optional[Sequence[str]] = None,
                 listable_users: Optional[Sequence[str]] = None,
                 login_shell: Optional[str] = None,
                 member_lookup_method: Optional[str] = None,
                 member_of_attribute: Optional[str] = None,
                 name: Optional[str] = None,
                 name_attribute: Optional[str] = None,
                 netgroup_base_dn: Optional[str] = None,
                 netgroup_filter: Optional[str] = None,
                 netgroup_members_attribute: Optional[str] = None,
                 netgroup_search_scope: Optional[str] = None,
                 netgroup_triple_attribute: Optional[str] = None,
                 normalize_groups: Optional[bool] = None,
                 normalize_users: Optional[bool] = None,
                 nt_password_attribute: Optional[str] = None,
                 ntlm_support: Optional[str] = None,
                 ocsp_server_uris: Optional[Sequence[str]] = None,
                 provider_domain: Optional[str] = None,
                 require_secure_connection: Optional[bool] = None,
                 restrict_findable: Optional[bool] = None,
                 restrict_listable: Optional[bool] = None,
                 search_scope: Optional[str] = None,
                 search_timeout: Optional[float] = None,
                 shadow_expire_attribute: Optional[str] = None,
                 shadow_flag_attribute: Optional[str] = None,
                 shadow_inactive_attribute: Optional[str] = None,
                 shadow_last_change_attribute: Optional[str] = None,
                 shadow_max_attribute: Optional[str] = None,
                 shadow_min_attribute: Optional[str] = None,
                 shadow_user_filter: Optional[str] = None,
                 shadow_warning_attribute: Optional[str] = None,
                 shell_attribute: Optional[str] = None,
                 ssh_public_key_attribute: Optional[str] = None,
                 status: Optional[str] = None,
                 system: Optional[bool] = None,
                 tls_protocol_min: Optional[str] = None,
                 tls_revocation_check_level: Optional[str] = None,
                 uid_attribute: Optional[str] = None,
                 unfindable_groups: Optional[Sequence[str]] = None,
                 unfindable_users: Optional[Sequence[str]] = None,
                 unique_group_members_attribute: Optional[str] = None,
                 unlistable_groups: Optional[Sequence[str]] = None,
                 unlistable_users: Optional[Sequence[str]] = None,
                 user_base_dn: Optional[str] = None,
                 user_domain: Optional[str] = None,
                 user_filter: Optional[str] = None,
                 user_search_scope: Optional[str] = None)func NewLdapProvider(ctx *Context, name string, args LdapProviderArgs, opts ...ResourceOption) (*LdapProvider, error)public LdapProvider(string name, LdapProviderArgs args, CustomResourceOptions? opts = null)
public LdapProvider(String name, LdapProviderArgs args)
public LdapProvider(String name, LdapProviderArgs args, CustomResourceOptions options)
type: powerscale:LdapProvider
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args LdapProviderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args LdapProviderArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args LdapProviderArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args LdapProviderArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args LdapProviderArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var ldapProviderResource = new Powerscale.LdapProvider("ldapProviderResource", new()
{
    BaseDn = "string",
    ServerUris = new[]
    {
        "string",
    },
    AlternateSecurityIdentitiesAttribute = "string",
    Authentication = false,
    BalanceServers = false,
    BindDn = "string",
    BindMechanism = "string",
    BindTimeout = 0,
    CertificateAuthorityFile = "string",
    CheckOnlineInterval = 0,
    CnAttribute = "string",
    CreateHomeDirectory = false,
    CryptPasswordAttribute = "string",
    EmailAttribute = "string",
    Enabled = false,
    EnumerateGroups = false,
    EnumerateUsers = false,
    FindableGroups = new[]
    {
        "string",
    },
    FindableUsers = new[]
    {
        "string",
    },
    GecosAttribute = "string",
    GidAttribute = "string",
    GroupBaseDn = "string",
    GroupDomain = "string",
    GroupFilter = "string",
    GroupMembersAttribute = "string",
    GroupSearchScope = "string",
    Groupnet = "string",
    HomeDirectoryTemplate = "string",
    HomedirAttribute = "string",
    IgnoreTlsErrors = false,
    IgnoreUnresolvableServerUrls = false,
    ListableGroups = new[]
    {
        "string",
    },
    ListableUsers = new[]
    {
        "string",
    },
    LoginShell = "string",
    MemberLookupMethod = "string",
    MemberOfAttribute = "string",
    Name = "string",
    NameAttribute = "string",
    NetgroupBaseDn = "string",
    NetgroupFilter = "string",
    NetgroupMembersAttribute = "string",
    NetgroupSearchScope = "string",
    NetgroupTripleAttribute = "string",
    NormalizeGroups = false,
    NormalizeUsers = false,
    NtPasswordAttribute = "string",
    NtlmSupport = "string",
    OcspServerUris = new[]
    {
        "string",
    },
    ProviderDomain = "string",
    RequireSecureConnection = false,
    RestrictFindable = false,
    RestrictListable = false,
    SearchScope = "string",
    SearchTimeout = 0,
    ShadowExpireAttribute = "string",
    ShadowFlagAttribute = "string",
    ShadowInactiveAttribute = "string",
    ShadowLastChangeAttribute = "string",
    ShadowMaxAttribute = "string",
    ShadowMinAttribute = "string",
    ShadowUserFilter = "string",
    ShadowWarningAttribute = "string",
    ShellAttribute = "string",
    SshPublicKeyAttribute = "string",
    Status = "string",
    System = false,
    TlsProtocolMin = "string",
    TlsRevocationCheckLevel = "string",
    UidAttribute = "string",
    UnfindableGroups = new[]
    {
        "string",
    },
    UnfindableUsers = new[]
    {
        "string",
    },
    UniqueGroupMembersAttribute = "string",
    UnlistableGroups = new[]
    {
        "string",
    },
    UnlistableUsers = new[]
    {
        "string",
    },
    UserBaseDn = "string",
    UserDomain = "string",
    UserFilter = "string",
    UserSearchScope = "string",
});
example, err := powerscale.NewLdapProvider(ctx, "ldapProviderResource", &powerscale.LdapProviderArgs{
	BaseDn: pulumi.String("string"),
	ServerUris: pulumi.StringArray{
		pulumi.String("string"),
	},
	AlternateSecurityIdentitiesAttribute: pulumi.String("string"),
	Authentication:                       pulumi.Bool(false),
	BalanceServers:                       pulumi.Bool(false),
	BindDn:                               pulumi.String("string"),
	BindMechanism:                        pulumi.String("string"),
	BindTimeout:                          pulumi.Float64(0),
	CertificateAuthorityFile:             pulumi.String("string"),
	CheckOnlineInterval:                  pulumi.Float64(0),
	CnAttribute:                          pulumi.String("string"),
	CreateHomeDirectory:                  pulumi.Bool(false),
	CryptPasswordAttribute:               pulumi.String("string"),
	EmailAttribute:                       pulumi.String("string"),
	Enabled:                              pulumi.Bool(false),
	EnumerateGroups:                      pulumi.Bool(false),
	EnumerateUsers:                       pulumi.Bool(false),
	FindableGroups: pulumi.StringArray{
		pulumi.String("string"),
	},
	FindableUsers: pulumi.StringArray{
		pulumi.String("string"),
	},
	GecosAttribute:               pulumi.String("string"),
	GidAttribute:                 pulumi.String("string"),
	GroupBaseDn:                  pulumi.String("string"),
	GroupDomain:                  pulumi.String("string"),
	GroupFilter:                  pulumi.String("string"),
	GroupMembersAttribute:        pulumi.String("string"),
	GroupSearchScope:             pulumi.String("string"),
	Groupnet:                     pulumi.String("string"),
	HomeDirectoryTemplate:        pulumi.String("string"),
	HomedirAttribute:             pulumi.String("string"),
	IgnoreTlsErrors:              pulumi.Bool(false),
	IgnoreUnresolvableServerUrls: pulumi.Bool(false),
	ListableGroups: pulumi.StringArray{
		pulumi.String("string"),
	},
	ListableUsers: pulumi.StringArray{
		pulumi.String("string"),
	},
	LoginShell:               pulumi.String("string"),
	MemberLookupMethod:       pulumi.String("string"),
	MemberOfAttribute:        pulumi.String("string"),
	Name:                     pulumi.String("string"),
	NameAttribute:            pulumi.String("string"),
	NetgroupBaseDn:           pulumi.String("string"),
	NetgroupFilter:           pulumi.String("string"),
	NetgroupMembersAttribute: pulumi.String("string"),
	NetgroupSearchScope:      pulumi.String("string"),
	NetgroupTripleAttribute:  pulumi.String("string"),
	NormalizeGroups:          pulumi.Bool(false),
	NormalizeUsers:           pulumi.Bool(false),
	NtPasswordAttribute:      pulumi.String("string"),
	NtlmSupport:              pulumi.String("string"),
	OcspServerUris: pulumi.StringArray{
		pulumi.String("string"),
	},
	ProviderDomain:            pulumi.String("string"),
	RequireSecureConnection:   pulumi.Bool(false),
	RestrictFindable:          pulumi.Bool(false),
	RestrictListable:          pulumi.Bool(false),
	SearchScope:               pulumi.String("string"),
	SearchTimeout:             pulumi.Float64(0),
	ShadowExpireAttribute:     pulumi.String("string"),
	ShadowFlagAttribute:       pulumi.String("string"),
	ShadowInactiveAttribute:   pulumi.String("string"),
	ShadowLastChangeAttribute: pulumi.String("string"),
	ShadowMaxAttribute:        pulumi.String("string"),
	ShadowMinAttribute:        pulumi.String("string"),
	ShadowUserFilter:          pulumi.String("string"),
	ShadowWarningAttribute:    pulumi.String("string"),
	ShellAttribute:            pulumi.String("string"),
	SshPublicKeyAttribute:     pulumi.String("string"),
	Status:                    pulumi.String("string"),
	System:                    pulumi.Bool(false),
	TlsProtocolMin:            pulumi.String("string"),
	TlsRevocationCheckLevel:   pulumi.String("string"),
	UidAttribute:              pulumi.String("string"),
	UnfindableGroups: pulumi.StringArray{
		pulumi.String("string"),
	},
	UnfindableUsers: pulumi.StringArray{
		pulumi.String("string"),
	},
	UniqueGroupMembersAttribute: pulumi.String("string"),
	UnlistableGroups: pulumi.StringArray{
		pulumi.String("string"),
	},
	UnlistableUsers: pulumi.StringArray{
		pulumi.String("string"),
	},
	UserBaseDn:      pulumi.String("string"),
	UserDomain:      pulumi.String("string"),
	UserFilter:      pulumi.String("string"),
	UserSearchScope: pulumi.String("string"),
})
var ldapProviderResource = new LdapProvider("ldapProviderResource", LdapProviderArgs.builder()
    .baseDn("string")
    .serverUris("string")
    .alternateSecurityIdentitiesAttribute("string")
    .authentication(false)
    .balanceServers(false)
    .bindDn("string")
    .bindMechanism("string")
    .bindTimeout(0.0)
    .certificateAuthorityFile("string")
    .checkOnlineInterval(0.0)
    .cnAttribute("string")
    .createHomeDirectory(false)
    .cryptPasswordAttribute("string")
    .emailAttribute("string")
    .enabled(false)
    .enumerateGroups(false)
    .enumerateUsers(false)
    .findableGroups("string")
    .findableUsers("string")
    .gecosAttribute("string")
    .gidAttribute("string")
    .groupBaseDn("string")
    .groupDomain("string")
    .groupFilter("string")
    .groupMembersAttribute("string")
    .groupSearchScope("string")
    .groupnet("string")
    .homeDirectoryTemplate("string")
    .homedirAttribute("string")
    .ignoreTlsErrors(false)
    .ignoreUnresolvableServerUrls(false)
    .listableGroups("string")
    .listableUsers("string")
    .loginShell("string")
    .memberLookupMethod("string")
    .memberOfAttribute("string")
    .name("string")
    .nameAttribute("string")
    .netgroupBaseDn("string")
    .netgroupFilter("string")
    .netgroupMembersAttribute("string")
    .netgroupSearchScope("string")
    .netgroupTripleAttribute("string")
    .normalizeGroups(false)
    .normalizeUsers(false)
    .ntPasswordAttribute("string")
    .ntlmSupport("string")
    .ocspServerUris("string")
    .providerDomain("string")
    .requireSecureConnection(false)
    .restrictFindable(false)
    .restrictListable(false)
    .searchScope("string")
    .searchTimeout(0.0)
    .shadowExpireAttribute("string")
    .shadowFlagAttribute("string")
    .shadowInactiveAttribute("string")
    .shadowLastChangeAttribute("string")
    .shadowMaxAttribute("string")
    .shadowMinAttribute("string")
    .shadowUserFilter("string")
    .shadowWarningAttribute("string")
    .shellAttribute("string")
    .sshPublicKeyAttribute("string")
    .status("string")
    .system(false)
    .tlsProtocolMin("string")
    .tlsRevocationCheckLevel("string")
    .uidAttribute("string")
    .unfindableGroups("string")
    .unfindableUsers("string")
    .uniqueGroupMembersAttribute("string")
    .unlistableGroups("string")
    .unlistableUsers("string")
    .userBaseDn("string")
    .userDomain("string")
    .userFilter("string")
    .userSearchScope("string")
    .build());
ldap_provider_resource = powerscale.LdapProvider("ldapProviderResource",
    base_dn="string",
    server_uris=["string"],
    alternate_security_identities_attribute="string",
    authentication=False,
    balance_servers=False,
    bind_dn="string",
    bind_mechanism="string",
    bind_timeout=0,
    certificate_authority_file="string",
    check_online_interval=0,
    cn_attribute="string",
    create_home_directory=False,
    crypt_password_attribute="string",
    email_attribute="string",
    enabled=False,
    enumerate_groups=False,
    enumerate_users=False,
    findable_groups=["string"],
    findable_users=["string"],
    gecos_attribute="string",
    gid_attribute="string",
    group_base_dn="string",
    group_domain="string",
    group_filter="string",
    group_members_attribute="string",
    group_search_scope="string",
    groupnet="string",
    home_directory_template="string",
    homedir_attribute="string",
    ignore_tls_errors=False,
    ignore_unresolvable_server_urls=False,
    listable_groups=["string"],
    listable_users=["string"],
    login_shell="string",
    member_lookup_method="string",
    member_of_attribute="string",
    name="string",
    name_attribute="string",
    netgroup_base_dn="string",
    netgroup_filter="string",
    netgroup_members_attribute="string",
    netgroup_search_scope="string",
    netgroup_triple_attribute="string",
    normalize_groups=False,
    normalize_users=False,
    nt_password_attribute="string",
    ntlm_support="string",
    ocsp_server_uris=["string"],
    provider_domain="string",
    require_secure_connection=False,
    restrict_findable=False,
    restrict_listable=False,
    search_scope="string",
    search_timeout=0,
    shadow_expire_attribute="string",
    shadow_flag_attribute="string",
    shadow_inactive_attribute="string",
    shadow_last_change_attribute="string",
    shadow_max_attribute="string",
    shadow_min_attribute="string",
    shadow_user_filter="string",
    shadow_warning_attribute="string",
    shell_attribute="string",
    ssh_public_key_attribute="string",
    status="string",
    system=False,
    tls_protocol_min="string",
    tls_revocation_check_level="string",
    uid_attribute="string",
    unfindable_groups=["string"],
    unfindable_users=["string"],
    unique_group_members_attribute="string",
    unlistable_groups=["string"],
    unlistable_users=["string"],
    user_base_dn="string",
    user_domain="string",
    user_filter="string",
    user_search_scope="string")
const ldapProviderResource = new powerscale.LdapProvider("ldapProviderResource", {
    baseDn: "string",
    serverUris: ["string"],
    alternateSecurityIdentitiesAttribute: "string",
    authentication: false,
    balanceServers: false,
    bindDn: "string",
    bindMechanism: "string",
    bindTimeout: 0,
    certificateAuthorityFile: "string",
    checkOnlineInterval: 0,
    cnAttribute: "string",
    createHomeDirectory: false,
    cryptPasswordAttribute: "string",
    emailAttribute: "string",
    enabled: false,
    enumerateGroups: false,
    enumerateUsers: false,
    findableGroups: ["string"],
    findableUsers: ["string"],
    gecosAttribute: "string",
    gidAttribute: "string",
    groupBaseDn: "string",
    groupDomain: "string",
    groupFilter: "string",
    groupMembersAttribute: "string",
    groupSearchScope: "string",
    groupnet: "string",
    homeDirectoryTemplate: "string",
    homedirAttribute: "string",
    ignoreTlsErrors: false,
    ignoreUnresolvableServerUrls: false,
    listableGroups: ["string"],
    listableUsers: ["string"],
    loginShell: "string",
    memberLookupMethod: "string",
    memberOfAttribute: "string",
    name: "string",
    nameAttribute: "string",
    netgroupBaseDn: "string",
    netgroupFilter: "string",
    netgroupMembersAttribute: "string",
    netgroupSearchScope: "string",
    netgroupTripleAttribute: "string",
    normalizeGroups: false,
    normalizeUsers: false,
    ntPasswordAttribute: "string",
    ntlmSupport: "string",
    ocspServerUris: ["string"],
    providerDomain: "string",
    requireSecureConnection: false,
    restrictFindable: false,
    restrictListable: false,
    searchScope: "string",
    searchTimeout: 0,
    shadowExpireAttribute: "string",
    shadowFlagAttribute: "string",
    shadowInactiveAttribute: "string",
    shadowLastChangeAttribute: "string",
    shadowMaxAttribute: "string",
    shadowMinAttribute: "string",
    shadowUserFilter: "string",
    shadowWarningAttribute: "string",
    shellAttribute: "string",
    sshPublicKeyAttribute: "string",
    status: "string",
    system: false,
    tlsProtocolMin: "string",
    tlsRevocationCheckLevel: "string",
    uidAttribute: "string",
    unfindableGroups: ["string"],
    unfindableUsers: ["string"],
    uniqueGroupMembersAttribute: "string",
    unlistableGroups: ["string"],
    unlistableUsers: ["string"],
    userBaseDn: "string",
    userDomain: "string",
    userFilter: "string",
    userSearchScope: "string",
});
type: powerscale:LdapProvider
properties:
    alternateSecurityIdentitiesAttribute: string
    authentication: false
    balanceServers: false
    baseDn: string
    bindDn: string
    bindMechanism: string
    bindTimeout: 0
    certificateAuthorityFile: string
    checkOnlineInterval: 0
    cnAttribute: string
    createHomeDirectory: false
    cryptPasswordAttribute: string
    emailAttribute: string
    enabled: false
    enumerateGroups: false
    enumerateUsers: false
    findableGroups:
        - string
    findableUsers:
        - string
    gecosAttribute: string
    gidAttribute: string
    groupBaseDn: string
    groupDomain: string
    groupFilter: string
    groupMembersAttribute: string
    groupSearchScope: string
    groupnet: string
    homeDirectoryTemplate: string
    homedirAttribute: string
    ignoreTlsErrors: false
    ignoreUnresolvableServerUrls: false
    listableGroups:
        - string
    listableUsers:
        - string
    loginShell: string
    memberLookupMethod: string
    memberOfAttribute: string
    name: string
    nameAttribute: string
    netgroupBaseDn: string
    netgroupFilter: string
    netgroupMembersAttribute: string
    netgroupSearchScope: string
    netgroupTripleAttribute: string
    normalizeGroups: false
    normalizeUsers: false
    ntPasswordAttribute: string
    ntlmSupport: string
    ocspServerUris:
        - string
    providerDomain: string
    requireSecureConnection: false
    restrictFindable: false
    restrictListable: false
    searchScope: string
    searchTimeout: 0
    serverUris:
        - string
    shadowExpireAttribute: string
    shadowFlagAttribute: string
    shadowInactiveAttribute: string
    shadowLastChangeAttribute: string
    shadowMaxAttribute: string
    shadowMinAttribute: string
    shadowUserFilter: string
    shadowWarningAttribute: string
    shellAttribute: string
    sshPublicKeyAttribute: string
    status: string
    system: false
    tlsProtocolMin: string
    tlsRevocationCheckLevel: string
    uidAttribute: string
    unfindableGroups:
        - string
    unfindableUsers:
        - string
    uniqueGroupMembersAttribute: string
    unlistableGroups:
        - string
    unlistableUsers:
        - string
    userBaseDn: string
    userDomain: string
    userFilter: string
    userSearchScope: string
LdapProvider Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The LdapProvider resource accepts the following input properties:
- BaseDn string
- Specifies the root of the tree in which to search identities.
- ServerUris List<string>
- Specifies the server URIs.
- AlternateSecurity stringIdentities Attribute 
- Specifies the attribute name used when searching for alternate security identities.
- Authentication bool
- If true, enables authentication and identity management through the authentication provider.
- BalanceServers bool
- If true, connects the provider to a random server.
- BindDn string
- Specifies the distinguished name for binding to the LDAP server.
- BindMechanism string
- Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
- BindTimeout double
- Specifies the timeout in seconds when binding to an LDAP server.
- string
- Specifies the path to the root certificates file.
- CheckOnline doubleInterval 
- Specifies the time in seconds between provider online checks.
- CnAttribute string
- Specifies the canonical name.
- CreateHome boolDirectory 
- Automatically create the home directory on the first login.
- CryptPassword stringAttribute 
- Specifies the hashed password value.
- EmailAttribute string
- Specifies the LDAP Email attribute.
- Enabled bool
- If true, enables the LDAP provider.
- EnumerateGroups bool
- If true, allows the provider to enumerate groups.
- EnumerateUsers bool
- If true, allows the provider to enumerate users.
- FindableGroups List<string>
- Specifies the list of groups that can be resolved.
- FindableUsers List<string>
- Specifies the list of users that can be resolved.
- GecosAttribute string
- Specifies the LDAP GECOS attribute.
- GidAttribute string
- Specifies the LDAP GID attribute.
- GroupBase stringDn 
- Specifies the distinguished name of the entry where LDAP searches for groups are started.
- GroupDomain string
- Specifies the domain for this provider through which groups are qualified.
- GroupFilter string
- Specifies the LDAP filter for group objects.
- GroupMembers stringAttribute 
- Specifies the LDAP Group Members attribute.
- GroupSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- Groupnet string
- Groupnet identifier. Cannot be updated.
- HomeDirectory stringTemplate 
- Specifies the path to the home directory template.
- HomedirAttribute string
- Specifies the LDAP Homedir attribute.
- IgnoreTls boolErrors 
- If true, continues over secure connections even if identity checks fail.
- IgnoreUnresolvable boolServer Urls 
- Ignore unresolvable server URIs when creating and updating.
- ListableGroups List<string>
- Specifies the groups that can be viewed in the provider.
- ListableUsers List<string>
- Specifies the users that can be viewed in the provider.
- LoginShell string
- Specifies the login shell path.
- MemberLookup stringMethod 
- Sets the method by which group member lookups are performed. Use caution when changing this option directly. Acceptable values: "default", "rfc2307bis".
- MemberOf stringAttribute 
- Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
- Name string
- Specifies the name of the LDAP provider.
- NameAttribute string
- Specifies the LDAP UID attribute, which is used as the login name.
- NetgroupBase stringDn 
- Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
- NetgroupFilter string
- Specifies the LDAP filter for netgroup objects.
- NetgroupMembers stringAttribute 
- Specifies the LDAP Netgroup Members attribute.
- NetgroupSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- NetgroupTriple stringAttribute 
- Specifies the LDAP Netgroup Triple attribute.
- NormalizeGroups bool
- Normalizes group names to lowercase before look up.
- NormalizeUsers bool
- Normalizes user names to lowercase before look up.
- NtPassword stringAttribute 
- Specifies the LDAP NT Password attribute.
- NtlmSupport string
- Specifies which NTLM versions to support for users with NTLM-compatible credentials. Acceptable values: "all", "v2only", "none".
- OcspServer List<string>Uris 
- Specifies the OCSP server URIs. Only available for PowerScale 9.5 and above.
- ProviderDomain string
- Specifies the provider domain.
- RequireSecure boolConnection 
- Determines whether to continue over a non-TLS connection.
- RestrictFindable bool
- If true, checks the provider for filtered lists of findable and unfindable users and groups.
- RestrictListable bool
- If true, checks the provider for filtered lists of listable and unlistable users and groups.
- SearchScope string
- Specifies the default depth from the base DN to perform LDAP searches. Acceptable values: "base", "onelevel", "subtree", "children".
- SearchTimeout double
- Specifies the search timeout period in seconds.
- ShadowExpire stringAttribute 
- Sets the attribute name that indicates the absolute date to expire the account.
- ShadowFlag stringAttribute 
- Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
- ShadowInactive stringAttribute 
- Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
- ShadowLast stringChange Attribute 
- Sets the attribute name that indicates the last change of the shadow information.
- ShadowMax stringAttribute 
- Sets the attribute name that indicates the maximum number of days a password can be valid.
- ShadowMin stringAttribute 
- Sets the attribute name that indicates the minimum number of days between shadow changes.
- ShadowUser stringFilter 
- Sets LDAP filter for shadow user objects.
- ShadowWarning stringAttribute 
- Sets the attribute name that indicates the number of days before the password expires to warn the user.
- ShellAttribute string
- Specifies the LDAP Shell attribute.
- SshPublic stringKey Attribute 
- Sets the attribute name that indicates the SSH Public Key for the user.
- Status string
- Specifies the status of the provider.
- System bool
- If true, indicates that this provider instance was created by OneFS and cannot be removed.
- TlsProtocol stringMin 
- Specifies the minimum TLS protocol version.
- TlsRevocation stringCheck Level 
- This setting controls the behavior of the certificate revocation checking algorithm when the LDAP provider is presented with a digital certificate by an LDAP server. Acceptable values: "none", "allowNoData", "allowNoSrc", "strict". Only available for PowerScale 9.5 and above.
- UidAttribute string
- Specifies the LDAP UID Number attribute.
- UnfindableGroups List<string>
- Specifies the groups that cannot be resolved by the provider.
- UnfindableUsers List<string>
- Specifies users that cannot be resolved by the provider.
- UniqueGroup stringMembers Attribute 
- Sets the LDAP Unique Group Members attribute.
- UnlistableGroups List<string>
- Specifies a group that cannot be listed by the provider.
- UnlistableUsers List<string>
- Specifies a user that cannot be listed by the provider.
- UserBase stringDn 
- Specifies the distinguished name of the entry at which to start LDAP searches for users.
- UserDomain string
- Specifies the domain for this provider through which users are qualified.
- UserFilter string
- Specifies the LDAP filter for user objects.
- UserSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- BaseDn string
- Specifies the root of the tree in which to search identities.
- ServerUris []string
- Specifies the server URIs.
- AlternateSecurity stringIdentities Attribute 
- Specifies the attribute name used when searching for alternate security identities.
- Authentication bool
- If true, enables authentication and identity management through the authentication provider.
- BalanceServers bool
- If true, connects the provider to a random server.
- BindDn string
- Specifies the distinguished name for binding to the LDAP server.
- BindMechanism string
- Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
- BindTimeout float64
- Specifies the timeout in seconds when binding to an LDAP server.
- string
- Specifies the path to the root certificates file.
- CheckOnline float64Interval 
- Specifies the time in seconds between provider online checks.
- CnAttribute string
- Specifies the canonical name.
- CreateHome boolDirectory 
- Automatically create the home directory on the first login.
- CryptPassword stringAttribute 
- Specifies the hashed password value.
- EmailAttribute string
- Specifies the LDAP Email attribute.
- Enabled bool
- If true, enables the LDAP provider.
- EnumerateGroups bool
- If true, allows the provider to enumerate groups.
- EnumerateUsers bool
- If true, allows the provider to enumerate users.
- FindableGroups []string
- Specifies the list of groups that can be resolved.
- FindableUsers []string
- Specifies the list of users that can be resolved.
- GecosAttribute string
- Specifies the LDAP GECOS attribute.
- GidAttribute string
- Specifies the LDAP GID attribute.
- GroupBase stringDn 
- Specifies the distinguished name of the entry where LDAP searches for groups are started.
- GroupDomain string
- Specifies the domain for this provider through which groups are qualified.
- GroupFilter string
- Specifies the LDAP filter for group objects.
- GroupMembers stringAttribute 
- Specifies the LDAP Group Members attribute.
- GroupSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- Groupnet string
- Groupnet identifier. Cannot be updated.
- HomeDirectory stringTemplate 
- Specifies the path to the home directory template.
- HomedirAttribute string
- Specifies the LDAP Homedir attribute.
- IgnoreTls boolErrors 
- If true, continues over secure connections even if identity checks fail.
- IgnoreUnresolvable boolServer Urls 
- Ignore unresolvable server URIs when creating and updating.
- ListableGroups []string
- Specifies the groups that can be viewed in the provider.
- ListableUsers []string
- Specifies the users that can be viewed in the provider.
- LoginShell string
- Specifies the login shell path.
- MemberLookup stringMethod 
- Sets the method by which group member lookups are performed. Use caution when changing this option directly. Acceptable values: "default", "rfc2307bis".
- MemberOf stringAttribute 
- Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
- Name string
- Specifies the name of the LDAP provider.
- NameAttribute string
- Specifies the LDAP UID attribute, which is used as the login name.
- NetgroupBase stringDn 
- Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
- NetgroupFilter string
- Specifies the LDAP filter for netgroup objects.
- NetgroupMembers stringAttribute 
- Specifies the LDAP Netgroup Members attribute.
- NetgroupSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- NetgroupTriple stringAttribute 
- Specifies the LDAP Netgroup Triple attribute.
- NormalizeGroups bool
- Normalizes group names to lowercase before look up.
- NormalizeUsers bool
- Normalizes user names to lowercase before look up.
- NtPassword stringAttribute 
- Specifies the LDAP NT Password attribute.
- NtlmSupport string
- Specifies which NTLM versions to support for users with NTLM-compatible credentials. Acceptable values: "all", "v2only", "none".
- OcspServer []stringUris 
- Specifies the OCSP server URIs. Only available for PowerScale 9.5 and above.
- ProviderDomain string
- Specifies the provider domain.
- RequireSecure boolConnection 
- Determines whether to continue over a non-TLS connection.
- RestrictFindable bool
- If true, checks the provider for filtered lists of findable and unfindable users and groups.
- RestrictListable bool
- If true, checks the provider for filtered lists of listable and unlistable users and groups.
- SearchScope string
- Specifies the default depth from the base DN to perform LDAP searches. Acceptable values: "base", "onelevel", "subtree", "children".
- SearchTimeout float64
- Specifies the search timeout period in seconds.
- ShadowExpire stringAttribute 
- Sets the attribute name that indicates the absolute date to expire the account.
- ShadowFlag stringAttribute 
- Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
- ShadowInactive stringAttribute 
- Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
- ShadowLast stringChange Attribute 
- Sets the attribute name that indicates the last change of the shadow information.
- ShadowMax stringAttribute 
- Sets the attribute name that indicates the maximum number of days a password can be valid.
- ShadowMin stringAttribute 
- Sets the attribute name that indicates the minimum number of days between shadow changes.
- ShadowUser stringFilter 
- Sets LDAP filter for shadow user objects.
- ShadowWarning stringAttribute 
- Sets the attribute name that indicates the number of days before the password expires to warn the user.
- ShellAttribute string
- Specifies the LDAP Shell attribute.
- SshPublic stringKey Attribute 
- Sets the attribute name that indicates the SSH Public Key for the user.
- Status string
- Specifies the status of the provider.
- System bool
- If true, indicates that this provider instance was created by OneFS and cannot be removed.
- TlsProtocol stringMin 
- Specifies the minimum TLS protocol version.
- TlsRevocation stringCheck Level 
- This setting controls the behavior of the certificate revocation checking algorithm when the LDAP provider is presented with a digital certificate by an LDAP server. Acceptable values: "none", "allowNoData", "allowNoSrc", "strict". Only available for PowerScale 9.5 and above.
- UidAttribute string
- Specifies the LDAP UID Number attribute.
- UnfindableGroups []string
- Specifies the groups that cannot be resolved by the provider.
- UnfindableUsers []string
- Specifies users that cannot be resolved by the provider.
- UniqueGroup stringMembers Attribute 
- Sets the LDAP Unique Group Members attribute.
- UnlistableGroups []string
- Specifies a group that cannot be listed by the provider.
- UnlistableUsers []string
- Specifies a user that cannot be listed by the provider.
- UserBase stringDn 
- Specifies the distinguished name of the entry at which to start LDAP searches for users.
- UserDomain string
- Specifies the domain for this provider through which users are qualified.
- UserFilter string
- Specifies the LDAP filter for user objects.
- UserSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- baseDn String
- Specifies the root of the tree in which to search identities.
- serverUris List<String>
- Specifies the server URIs.
- alternateSecurity StringIdentities Attribute 
- Specifies the attribute name used when searching for alternate security identities.
- authentication Boolean
- If true, enables authentication and identity management through the authentication provider.
- balanceServers Boolean
- If true, connects the provider to a random server.
- bindDn String
- Specifies the distinguished name for binding to the LDAP server.
- bindMechanism String
- Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
- bindTimeout Double
- Specifies the timeout in seconds when binding to an LDAP server.
- String
- Specifies the path to the root certificates file.
- checkOnline DoubleInterval 
- Specifies the time in seconds between provider online checks.
- cnAttribute String
- Specifies the canonical name.
- createHome BooleanDirectory 
- Automatically create the home directory on the first login.
- cryptPassword StringAttribute 
- Specifies the hashed password value.
- emailAttribute String
- Specifies the LDAP Email attribute.
- enabled Boolean
- If true, enables the LDAP provider.
- enumerateGroups Boolean
- If true, allows the provider to enumerate groups.
- enumerateUsers Boolean
- If true, allows the provider to enumerate users.
- findableGroups List<String>
- Specifies the list of groups that can be resolved.
- findableUsers List<String>
- Specifies the list of users that can be resolved.
- gecosAttribute String
- Specifies the LDAP GECOS attribute.
- gidAttribute String
- Specifies the LDAP GID attribute.
- groupBase StringDn 
- Specifies the distinguished name of the entry where LDAP searches for groups are started.
- groupDomain String
- Specifies the domain for this provider through which groups are qualified.
- groupFilter String
- Specifies the LDAP filter for group objects.
- groupMembers StringAttribute 
- Specifies the LDAP Group Members attribute.
- groupSearch StringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- groupnet String
- Groupnet identifier. Cannot be updated.
- homeDirectory StringTemplate 
- Specifies the path to the home directory template.
- homedirAttribute String
- Specifies the LDAP Homedir attribute.
- ignoreTls BooleanErrors 
- If true, continues over secure connections even if identity checks fail.
- ignoreUnresolvable BooleanServer Urls 
- Ignore unresolvable server URIs when creating and updating.
- listableGroups List<String>
- Specifies the groups that can be viewed in the provider.
- listableUsers List<String>
- Specifies the users that can be viewed in the provider.
- loginShell String
- Specifies the login shell path.
- memberLookup StringMethod 
- Sets the method by which group member lookups are performed. Use caution when changing this option directly. Acceptable values: "default", "rfc2307bis".
- memberOf StringAttribute 
- Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
- name String
- Specifies the name of the LDAP provider.
- nameAttribute String
- Specifies the LDAP UID attribute, which is used as the login name.
- netgroupBase StringDn 
- Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
- netgroupFilter String
- Specifies the LDAP filter for netgroup objects.
- netgroupMembers StringAttribute 
- Specifies the LDAP Netgroup Members attribute.
- netgroupSearch StringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- netgroupTriple StringAttribute 
- Specifies the LDAP Netgroup Triple attribute.
- normalizeGroups Boolean
- Normalizes group names to lowercase before look up.
- normalizeUsers Boolean
- Normalizes user names to lowercase before look up.
- ntPassword StringAttribute 
- Specifies the LDAP NT Password attribute.
- ntlmSupport String
- Specifies which NTLM versions to support for users with NTLM-compatible credentials. Acceptable values: "all", "v2only", "none".
- ocspServer List<String>Uris 
- Specifies the OCSP server URIs. Only available for PowerScale 9.5 and above.
- providerDomain String
- Specifies the provider domain.
- requireSecure BooleanConnection 
- Determines whether to continue over a non-TLS connection.
- restrictFindable Boolean
- If true, checks the provider for filtered lists of findable and unfindable users and groups.
- restrictListable Boolean
- If true, checks the provider for filtered lists of listable and unlistable users and groups.
- searchScope String
- Specifies the default depth from the base DN to perform LDAP searches. Acceptable values: "base", "onelevel", "subtree", "children".
- searchTimeout Double
- Specifies the search timeout period in seconds.
- shadowExpire StringAttribute 
- Sets the attribute name that indicates the absolute date to expire the account.
- shadowFlag StringAttribute 
- Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
- shadowInactive StringAttribute 
- Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
- shadowLast StringChange Attribute 
- Sets the attribute name that indicates the last change of the shadow information.
- shadowMax StringAttribute 
- Sets the attribute name that indicates the maximum number of days a password can be valid.
- shadowMin StringAttribute 
- Sets the attribute name that indicates the minimum number of days between shadow changes.
- shadowUser StringFilter 
- Sets LDAP filter for shadow user objects.
- shadowWarning StringAttribute 
- Sets the attribute name that indicates the number of days before the password expires to warn the user.
- shellAttribute String
- Specifies the LDAP Shell attribute.
- sshPublic StringKey Attribute 
- Sets the attribute name that indicates the SSH Public Key for the user.
- status String
- Specifies the status of the provider.
- system Boolean
- If true, indicates that this provider instance was created by OneFS and cannot be removed.
- tlsProtocol StringMin 
- Specifies the minimum TLS protocol version.
- tlsRevocation StringCheck Level 
- This setting controls the behavior of the certificate revocation checking algorithm when the LDAP provider is presented with a digital certificate by an LDAP server. Acceptable values: "none", "allowNoData", "allowNoSrc", "strict". Only available for PowerScale 9.5 and above.
- uidAttribute String
- Specifies the LDAP UID Number attribute.
- unfindableGroups List<String>
- Specifies the groups that cannot be resolved by the provider.
- unfindableUsers List<String>
- Specifies users that cannot be resolved by the provider.
- uniqueGroup StringMembers Attribute 
- Sets the LDAP Unique Group Members attribute.
- unlistableGroups List<String>
- Specifies a group that cannot be listed by the provider.
- unlistableUsers List<String>
- Specifies a user that cannot be listed by the provider.
- userBase StringDn 
- Specifies the distinguished name of the entry at which to start LDAP searches for users.
- userDomain String
- Specifies the domain for this provider through which users are qualified.
- userFilter String
- Specifies the LDAP filter for user objects.
- userSearch StringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- baseDn string
- Specifies the root of the tree in which to search identities.
- serverUris string[]
- Specifies the server URIs.
- alternateSecurity stringIdentities Attribute 
- Specifies the attribute name used when searching for alternate security identities.
- authentication boolean
- If true, enables authentication and identity management through the authentication provider.
- balanceServers boolean
- If true, connects the provider to a random server.
- bindDn string
- Specifies the distinguished name for binding to the LDAP server.
- bindMechanism string
- Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
- bindTimeout number
- Specifies the timeout in seconds when binding to an LDAP server.
- string
- Specifies the path to the root certificates file.
- checkOnline numberInterval 
- Specifies the time in seconds between provider online checks.
- cnAttribute string
- Specifies the canonical name.
- createHome booleanDirectory 
- Automatically create the home directory on the first login.
- cryptPassword stringAttribute 
- Specifies the hashed password value.
- emailAttribute string
- Specifies the LDAP Email attribute.
- enabled boolean
- If true, enables the LDAP provider.
- enumerateGroups boolean
- If true, allows the provider to enumerate groups.
- enumerateUsers boolean
- If true, allows the provider to enumerate users.
- findableGroups string[]
- Specifies the list of groups that can be resolved.
- findableUsers string[]
- Specifies the list of users that can be resolved.
- gecosAttribute string
- Specifies the LDAP GECOS attribute.
- gidAttribute string
- Specifies the LDAP GID attribute.
- groupBase stringDn 
- Specifies the distinguished name of the entry where LDAP searches for groups are started.
- groupDomain string
- Specifies the domain for this provider through which groups are qualified.
- groupFilter string
- Specifies the LDAP filter for group objects.
- groupMembers stringAttribute 
- Specifies the LDAP Group Members attribute.
- groupSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- groupnet string
- Groupnet identifier. Cannot be updated.
- homeDirectory stringTemplate 
- Specifies the path to the home directory template.
- homedirAttribute string
- Specifies the LDAP Homedir attribute.
- ignoreTls booleanErrors 
- If true, continues over secure connections even if identity checks fail.
- ignoreUnresolvable booleanServer Urls 
- Ignore unresolvable server URIs when creating and updating.
- listableGroups string[]
- Specifies the groups that can be viewed in the provider.
- listableUsers string[]
- Specifies the users that can be viewed in the provider.
- loginShell string
- Specifies the login shell path.
- memberLookup stringMethod 
- Sets the method by which group member lookups are performed. Use caution when changing this option directly. Acceptable values: "default", "rfc2307bis".
- memberOf stringAttribute 
- Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
- name string
- Specifies the name of the LDAP provider.
- nameAttribute string
- Specifies the LDAP UID attribute, which is used as the login name.
- netgroupBase stringDn 
- Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
- netgroupFilter string
- Specifies the LDAP filter for netgroup objects.
- netgroupMembers stringAttribute 
- Specifies the LDAP Netgroup Members attribute.
- netgroupSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- netgroupTriple stringAttribute 
- Specifies the LDAP Netgroup Triple attribute.
- normalizeGroups boolean
- Normalizes group names to lowercase before look up.
- normalizeUsers boolean
- Normalizes user names to lowercase before look up.
- ntPassword stringAttribute 
- Specifies the LDAP NT Password attribute.
- ntlmSupport string
- Specifies which NTLM versions to support for users with NTLM-compatible credentials. Acceptable values: "all", "v2only", "none".
- ocspServer string[]Uris 
- Specifies the OCSP server URIs. Only available for PowerScale 9.5 and above.
- providerDomain string
- Specifies the provider domain.
- requireSecure booleanConnection 
- Determines whether to continue over a non-TLS connection.
- restrictFindable boolean
- If true, checks the provider for filtered lists of findable and unfindable users and groups.
- restrictListable boolean
- If true, checks the provider for filtered lists of listable and unlistable users and groups.
- searchScope string
- Specifies the default depth from the base DN to perform LDAP searches. Acceptable values: "base", "onelevel", "subtree", "children".
- searchTimeout number
- Specifies the search timeout period in seconds.
- shadowExpire stringAttribute 
- Sets the attribute name that indicates the absolute date to expire the account.
- shadowFlag stringAttribute 
- Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
- shadowInactive stringAttribute 
- Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
- shadowLast stringChange Attribute 
- Sets the attribute name that indicates the last change of the shadow information.
- shadowMax stringAttribute 
- Sets the attribute name that indicates the maximum number of days a password can be valid.
- shadowMin stringAttribute 
- Sets the attribute name that indicates the minimum number of days between shadow changes.
- shadowUser stringFilter 
- Sets LDAP filter for shadow user objects.
- shadowWarning stringAttribute 
- Sets the attribute name that indicates the number of days before the password expires to warn the user.
- shellAttribute string
- Specifies the LDAP Shell attribute.
- sshPublic stringKey Attribute 
- Sets the attribute name that indicates the SSH Public Key for the user.
- status string
- Specifies the status of the provider.
- system boolean
- If true, indicates that this provider instance was created by OneFS and cannot be removed.
- tlsProtocol stringMin 
- Specifies the minimum TLS protocol version.
- tlsRevocation stringCheck Level 
- This setting controls the behavior of the certificate revocation checking algorithm when the LDAP provider is presented with a digital certificate by an LDAP server. Acceptable values: "none", "allowNoData", "allowNoSrc", "strict". Only available for PowerScale 9.5 and above.
- uidAttribute string
- Specifies the LDAP UID Number attribute.
- unfindableGroups string[]
- Specifies the groups that cannot be resolved by the provider.
- unfindableUsers string[]
- Specifies users that cannot be resolved by the provider.
- uniqueGroup stringMembers Attribute 
- Sets the LDAP Unique Group Members attribute.
- unlistableGroups string[]
- Specifies a group that cannot be listed by the provider.
- unlistableUsers string[]
- Specifies a user that cannot be listed by the provider.
- userBase stringDn 
- Specifies the distinguished name of the entry at which to start LDAP searches for users.
- userDomain string
- Specifies the domain for this provider through which users are qualified.
- userFilter string
- Specifies the LDAP filter for user objects.
- userSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- base_dn str
- Specifies the root of the tree in which to search identities.
- server_uris Sequence[str]
- Specifies the server URIs.
- alternate_security_ stridentities_ attribute 
- Specifies the attribute name used when searching for alternate security identities.
- authentication bool
- If true, enables authentication and identity management through the authentication provider.
- balance_servers bool
- If true, connects the provider to a random server.
- bind_dn str
- Specifies the distinguished name for binding to the LDAP server.
- bind_mechanism str
- Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
- bind_timeout float
- Specifies the timeout in seconds when binding to an LDAP server.
- str
- Specifies the path to the root certificates file.
- check_online_ floatinterval 
- Specifies the time in seconds between provider online checks.
- cn_attribute str
- Specifies the canonical name.
- create_home_ booldirectory 
- Automatically create the home directory on the first login.
- crypt_password_ strattribute 
- Specifies the hashed password value.
- email_attribute str
- Specifies the LDAP Email attribute.
- enabled bool
- If true, enables the LDAP provider.
- enumerate_groups bool
- If true, allows the provider to enumerate groups.
- enumerate_users bool
- If true, allows the provider to enumerate users.
- findable_groups Sequence[str]
- Specifies the list of groups that can be resolved.
- findable_users Sequence[str]
- Specifies the list of users that can be resolved.
- gecos_attribute str
- Specifies the LDAP GECOS attribute.
- gid_attribute str
- Specifies the LDAP GID attribute.
- group_base_ strdn 
- Specifies the distinguished name of the entry where LDAP searches for groups are started.
- group_domain str
- Specifies the domain for this provider through which groups are qualified.
- group_filter str
- Specifies the LDAP filter for group objects.
- group_members_ strattribute 
- Specifies the LDAP Group Members attribute.
- group_search_ strscope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- groupnet str
- Groupnet identifier. Cannot be updated.
- home_directory_ strtemplate 
- Specifies the path to the home directory template.
- homedir_attribute str
- Specifies the LDAP Homedir attribute.
- ignore_tls_ boolerrors 
- If true, continues over secure connections even if identity checks fail.
- ignore_unresolvable_ boolserver_ urls 
- Ignore unresolvable server URIs when creating and updating.
- listable_groups Sequence[str]
- Specifies the groups that can be viewed in the provider.
- listable_users Sequence[str]
- Specifies the users that can be viewed in the provider.
- login_shell str
- Specifies the login shell path.
- member_lookup_ strmethod 
- Sets the method by which group member lookups are performed. Use caution when changing this option directly. Acceptable values: "default", "rfc2307bis".
- member_of_ strattribute 
- Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
- name str
- Specifies the name of the LDAP provider.
- name_attribute str
- Specifies the LDAP UID attribute, which is used as the login name.
- netgroup_base_ strdn 
- Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
- netgroup_filter str
- Specifies the LDAP filter for netgroup objects.
- netgroup_members_ strattribute 
- Specifies the LDAP Netgroup Members attribute.
- netgroup_search_ strscope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- netgroup_triple_ strattribute 
- Specifies the LDAP Netgroup Triple attribute.
- normalize_groups bool
- Normalizes group names to lowercase before look up.
- normalize_users bool
- Normalizes user names to lowercase before look up.
- nt_password_ strattribute 
- Specifies the LDAP NT Password attribute.
- ntlm_support str
- Specifies which NTLM versions to support for users with NTLM-compatible credentials. Acceptable values: "all", "v2only", "none".
- ocsp_server_ Sequence[str]uris 
- Specifies the OCSP server URIs. Only available for PowerScale 9.5 and above.
- provider_domain str
- Specifies the provider domain.
- require_secure_ boolconnection 
- Determines whether to continue over a non-TLS connection.
- restrict_findable bool
- If true, checks the provider for filtered lists of findable and unfindable users and groups.
- restrict_listable bool
- If true, checks the provider for filtered lists of listable and unlistable users and groups.
- search_scope str
- Specifies the default depth from the base DN to perform LDAP searches. Acceptable values: "base", "onelevel", "subtree", "children".
- search_timeout float
- Specifies the search timeout period in seconds.
- shadow_expire_ strattribute 
- Sets the attribute name that indicates the absolute date to expire the account.
- shadow_flag_ strattribute 
- Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
- shadow_inactive_ strattribute 
- Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
- shadow_last_ strchange_ attribute 
- Sets the attribute name that indicates the last change of the shadow information.
- shadow_max_ strattribute 
- Sets the attribute name that indicates the maximum number of days a password can be valid.
- shadow_min_ strattribute 
- Sets the attribute name that indicates the minimum number of days between shadow changes.
- shadow_user_ strfilter 
- Sets LDAP filter for shadow user objects.
- shadow_warning_ strattribute 
- Sets the attribute name that indicates the number of days before the password expires to warn the user.
- shell_attribute str
- Specifies the LDAP Shell attribute.
- ssh_public_ strkey_ attribute 
- Sets the attribute name that indicates the SSH Public Key for the user.
- status str
- Specifies the status of the provider.
- system bool
- If true, indicates that this provider instance was created by OneFS and cannot be removed.
- tls_protocol_ strmin 
- Specifies the minimum TLS protocol version.
- tls_revocation_ strcheck_ level 
- This setting controls the behavior of the certificate revocation checking algorithm when the LDAP provider is presented with a digital certificate by an LDAP server. Acceptable values: "none", "allowNoData", "allowNoSrc", "strict". Only available for PowerScale 9.5 and above.
- uid_attribute str
- Specifies the LDAP UID Number attribute.
- unfindable_groups Sequence[str]
- Specifies the groups that cannot be resolved by the provider.
- unfindable_users Sequence[str]
- Specifies users that cannot be resolved by the provider.
- unique_group_ strmembers_ attribute 
- Sets the LDAP Unique Group Members attribute.
- unlistable_groups Sequence[str]
- Specifies a group that cannot be listed by the provider.
- unlistable_users Sequence[str]
- Specifies a user that cannot be listed by the provider.
- user_base_ strdn 
- Specifies the distinguished name of the entry at which to start LDAP searches for users.
- user_domain str
- Specifies the domain for this provider through which users are qualified.
- user_filter str
- Specifies the LDAP filter for user objects.
- user_search_ strscope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- baseDn String
- Specifies the root of the tree in which to search identities.
- serverUris List<String>
- Specifies the server URIs.
- alternateSecurity StringIdentities Attribute 
- Specifies the attribute name used when searching for alternate security identities.
- authentication Boolean
- If true, enables authentication and identity management through the authentication provider.
- balanceServers Boolean
- If true, connects the provider to a random server.
- bindDn String
- Specifies the distinguished name for binding to the LDAP server.
- bindMechanism String
- Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
- bindTimeout Number
- Specifies the timeout in seconds when binding to an LDAP server.
- String
- Specifies the path to the root certificates file.
- checkOnline NumberInterval 
- Specifies the time in seconds between provider online checks.
- cnAttribute String
- Specifies the canonical name.
- createHome BooleanDirectory 
- Automatically create the home directory on the first login.
- cryptPassword StringAttribute 
- Specifies the hashed password value.
- emailAttribute String
- Specifies the LDAP Email attribute.
- enabled Boolean
- If true, enables the LDAP provider.
- enumerateGroups Boolean
- If true, allows the provider to enumerate groups.
- enumerateUsers Boolean
- If true, allows the provider to enumerate users.
- findableGroups List<String>
- Specifies the list of groups that can be resolved.
- findableUsers List<String>
- Specifies the list of users that can be resolved.
- gecosAttribute String
- Specifies the LDAP GECOS attribute.
- gidAttribute String
- Specifies the LDAP GID attribute.
- groupBase StringDn 
- Specifies the distinguished name of the entry where LDAP searches for groups are started.
- groupDomain String
- Specifies the domain for this provider through which groups are qualified.
- groupFilter String
- Specifies the LDAP filter for group objects.
- groupMembers StringAttribute 
- Specifies the LDAP Group Members attribute.
- groupSearch StringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- groupnet String
- Groupnet identifier. Cannot be updated.
- homeDirectory StringTemplate 
- Specifies the path to the home directory template.
- homedirAttribute String
- Specifies the LDAP Homedir attribute.
- ignoreTls BooleanErrors 
- If true, continues over secure connections even if identity checks fail.
- ignoreUnresolvable BooleanServer Urls 
- Ignore unresolvable server URIs when creating and updating.
- listableGroups List<String>
- Specifies the groups that can be viewed in the provider.
- listableUsers List<String>
- Specifies the users that can be viewed in the provider.
- loginShell String
- Specifies the login shell path.
- memberLookup StringMethod 
- Sets the method by which group member lookups are performed. Use caution when changing this option directly. Acceptable values: "default", "rfc2307bis".
- memberOf StringAttribute 
- Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
- name String
- Specifies the name of the LDAP provider.
- nameAttribute String
- Specifies the LDAP UID attribute, which is used as the login name.
- netgroupBase StringDn 
- Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
- netgroupFilter String
- Specifies the LDAP filter for netgroup objects.
- netgroupMembers StringAttribute 
- Specifies the LDAP Netgroup Members attribute.
- netgroupSearch StringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- netgroupTriple StringAttribute 
- Specifies the LDAP Netgroup Triple attribute.
- normalizeGroups Boolean
- Normalizes group names to lowercase before look up.
- normalizeUsers Boolean
- Normalizes user names to lowercase before look up.
- ntPassword StringAttribute 
- Specifies the LDAP NT Password attribute.
- ntlmSupport String
- Specifies which NTLM versions to support for users with NTLM-compatible credentials. Acceptable values: "all", "v2only", "none".
- ocspServer List<String>Uris 
- Specifies the OCSP server URIs. Only available for PowerScale 9.5 and above.
- providerDomain String
- Specifies the provider domain.
- requireSecure BooleanConnection 
- Determines whether to continue over a non-TLS connection.
- restrictFindable Boolean
- If true, checks the provider for filtered lists of findable and unfindable users and groups.
- restrictListable Boolean
- If true, checks the provider for filtered lists of listable and unlistable users and groups.
- searchScope String
- Specifies the default depth from the base DN to perform LDAP searches. Acceptable values: "base", "onelevel", "subtree", "children".
- searchTimeout Number
- Specifies the search timeout period in seconds.
- shadowExpire StringAttribute 
- Sets the attribute name that indicates the absolute date to expire the account.
- shadowFlag StringAttribute 
- Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
- shadowInactive StringAttribute 
- Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
- shadowLast StringChange Attribute 
- Sets the attribute name that indicates the last change of the shadow information.
- shadowMax StringAttribute 
- Sets the attribute name that indicates the maximum number of days a password can be valid.
- shadowMin StringAttribute 
- Sets the attribute name that indicates the minimum number of days between shadow changes.
- shadowUser StringFilter 
- Sets LDAP filter for shadow user objects.
- shadowWarning StringAttribute 
- Sets the attribute name that indicates the number of days before the password expires to warn the user.
- shellAttribute String
- Specifies the LDAP Shell attribute.
- sshPublic StringKey Attribute 
- Sets the attribute name that indicates the SSH Public Key for the user.
- status String
- Specifies the status of the provider.
- system Boolean
- If true, indicates that this provider instance was created by OneFS and cannot be removed.
- tlsProtocol StringMin 
- Specifies the minimum TLS protocol version.
- tlsRevocation StringCheck Level 
- This setting controls the behavior of the certificate revocation checking algorithm when the LDAP provider is presented with a digital certificate by an LDAP server. Acceptable values: "none", "allowNoData", "allowNoSrc", "strict". Only available for PowerScale 9.5 and above.
- uidAttribute String
- Specifies the LDAP UID Number attribute.
- unfindableGroups List<String>
- Specifies the groups that cannot be resolved by the provider.
- unfindableUsers List<String>
- Specifies users that cannot be resolved by the provider.
- uniqueGroup StringMembers Attribute 
- Sets the LDAP Unique Group Members attribute.
- unlistableGroups List<String>
- Specifies a group that cannot be listed by the provider.
- unlistableUsers List<String>
- Specifies a user that cannot be listed by the provider.
- userBase StringDn 
- Specifies the distinguished name of the entry at which to start LDAP searches for users.
- userDomain String
- Specifies the domain for this provider through which users are qualified.
- userFilter String
- Specifies the LDAP filter for user objects.
- userSearch StringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
Outputs
All input properties are implicitly available as output properties. Additionally, the LdapProvider resource produces the following output properties:
Look up Existing LdapProvider Resource
Get an existing LdapProvider resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: LdapProviderState, opts?: CustomResourceOptions): LdapProvider@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        alternate_security_identities_attribute: Optional[str] = None,
        authentication: Optional[bool] = None,
        balance_servers: Optional[bool] = None,
        base_dn: Optional[str] = None,
        bind_dn: Optional[str] = None,
        bind_mechanism: Optional[str] = None,
        bind_timeout: Optional[float] = None,
        certificate_authority_file: Optional[str] = None,
        check_online_interval: Optional[float] = None,
        cn_attribute: Optional[str] = None,
        create_home_directory: Optional[bool] = None,
        crypt_password_attribute: Optional[str] = None,
        email_attribute: Optional[str] = None,
        enabled: Optional[bool] = None,
        enumerate_groups: Optional[bool] = None,
        enumerate_users: Optional[bool] = None,
        findable_groups: Optional[Sequence[str]] = None,
        findable_users: Optional[Sequence[str]] = None,
        gecos_attribute: Optional[str] = None,
        gid_attribute: Optional[str] = None,
        group_base_dn: Optional[str] = None,
        group_domain: Optional[str] = None,
        group_filter: Optional[str] = None,
        group_members_attribute: Optional[str] = None,
        group_search_scope: Optional[str] = None,
        groupnet: Optional[str] = None,
        home_directory_template: Optional[str] = None,
        homedir_attribute: Optional[str] = None,
        ignore_tls_errors: Optional[bool] = None,
        ignore_unresolvable_server_urls: Optional[bool] = None,
        listable_groups: Optional[Sequence[str]] = None,
        listable_users: Optional[Sequence[str]] = None,
        login_shell: Optional[str] = None,
        member_lookup_method: Optional[str] = None,
        member_of_attribute: Optional[str] = None,
        name: Optional[str] = None,
        name_attribute: Optional[str] = None,
        netgroup_base_dn: Optional[str] = None,
        netgroup_filter: Optional[str] = None,
        netgroup_members_attribute: Optional[str] = None,
        netgroup_search_scope: Optional[str] = None,
        netgroup_triple_attribute: Optional[str] = None,
        normalize_groups: Optional[bool] = None,
        normalize_users: Optional[bool] = None,
        nt_password_attribute: Optional[str] = None,
        ntlm_support: Optional[str] = None,
        ocsp_server_uris: Optional[Sequence[str]] = None,
        provider_domain: Optional[str] = None,
        require_secure_connection: Optional[bool] = None,
        restrict_findable: Optional[bool] = None,
        restrict_listable: Optional[bool] = None,
        search_scope: Optional[str] = None,
        search_timeout: Optional[float] = None,
        server_uris: Optional[Sequence[str]] = None,
        shadow_expire_attribute: Optional[str] = None,
        shadow_flag_attribute: Optional[str] = None,
        shadow_inactive_attribute: Optional[str] = None,
        shadow_last_change_attribute: Optional[str] = None,
        shadow_max_attribute: Optional[str] = None,
        shadow_min_attribute: Optional[str] = None,
        shadow_user_filter: Optional[str] = None,
        shadow_warning_attribute: Optional[str] = None,
        shell_attribute: Optional[str] = None,
        ssh_public_key_attribute: Optional[str] = None,
        status: Optional[str] = None,
        system: Optional[bool] = None,
        tls_protocol_min: Optional[str] = None,
        tls_revocation_check_level: Optional[str] = None,
        uid_attribute: Optional[str] = None,
        unfindable_groups: Optional[Sequence[str]] = None,
        unfindable_users: Optional[Sequence[str]] = None,
        unique_group_members_attribute: Optional[str] = None,
        unlistable_groups: Optional[Sequence[str]] = None,
        unlistable_users: Optional[Sequence[str]] = None,
        user_base_dn: Optional[str] = None,
        user_domain: Optional[str] = None,
        user_filter: Optional[str] = None,
        user_search_scope: Optional[str] = None,
        zone_name: Optional[str] = None) -> LdapProviderfunc GetLdapProvider(ctx *Context, name string, id IDInput, state *LdapProviderState, opts ...ResourceOption) (*LdapProvider, error)public static LdapProvider Get(string name, Input<string> id, LdapProviderState? state, CustomResourceOptions? opts = null)public static LdapProvider get(String name, Output<String> id, LdapProviderState state, CustomResourceOptions options)resources:  _:    type: powerscale:LdapProvider    get:      id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- AlternateSecurity stringIdentities Attribute 
- Specifies the attribute name used when searching for alternate security identities.
- Authentication bool
- If true, enables authentication and identity management through the authentication provider.
- BalanceServers bool
- If true, connects the provider to a random server.
- BaseDn string
- Specifies the root of the tree in which to search identities.
- BindDn string
- Specifies the distinguished name for binding to the LDAP server.
- BindMechanism string
- Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
- BindTimeout double
- Specifies the timeout in seconds when binding to an LDAP server.
- string
- Specifies the path to the root certificates file.
- CheckOnline doubleInterval 
- Specifies the time in seconds between provider online checks.
- CnAttribute string
- Specifies the canonical name.
- CreateHome boolDirectory 
- Automatically create the home directory on the first login.
- CryptPassword stringAttribute 
- Specifies the hashed password value.
- EmailAttribute string
- Specifies the LDAP Email attribute.
- Enabled bool
- If true, enables the LDAP provider.
- EnumerateGroups bool
- If true, allows the provider to enumerate groups.
- EnumerateUsers bool
- If true, allows the provider to enumerate users.
- FindableGroups List<string>
- Specifies the list of groups that can be resolved.
- FindableUsers List<string>
- Specifies the list of users that can be resolved.
- GecosAttribute string
- Specifies the LDAP GECOS attribute.
- GidAttribute string
- Specifies the LDAP GID attribute.
- GroupBase stringDn 
- Specifies the distinguished name of the entry where LDAP searches for groups are started.
- GroupDomain string
- Specifies the domain for this provider through which groups are qualified.
- GroupFilter string
- Specifies the LDAP filter for group objects.
- GroupMembers stringAttribute 
- Specifies the LDAP Group Members attribute.
- GroupSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- Groupnet string
- Groupnet identifier. Cannot be updated.
- HomeDirectory stringTemplate 
- Specifies the path to the home directory template.
- HomedirAttribute string
- Specifies the LDAP Homedir attribute.
- IgnoreTls boolErrors 
- If true, continues over secure connections even if identity checks fail.
- IgnoreUnresolvable boolServer Urls 
- Ignore unresolvable server URIs when creating and updating.
- ListableGroups List<string>
- Specifies the groups that can be viewed in the provider.
- ListableUsers List<string>
- Specifies the users that can be viewed in the provider.
- LoginShell string
- Specifies the login shell path.
- MemberLookup stringMethod 
- Sets the method by which group member lookups are performed. Use caution when changing this option directly. Acceptable values: "default", "rfc2307bis".
- MemberOf stringAttribute 
- Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
- Name string
- Specifies the name of the LDAP provider.
- NameAttribute string
- Specifies the LDAP UID attribute, which is used as the login name.
- NetgroupBase stringDn 
- Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
- NetgroupFilter string
- Specifies the LDAP filter for netgroup objects.
- NetgroupMembers stringAttribute 
- Specifies the LDAP Netgroup Members attribute.
- NetgroupSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- NetgroupTriple stringAttribute 
- Specifies the LDAP Netgroup Triple attribute.
- NormalizeGroups bool
- Normalizes group names to lowercase before look up.
- NormalizeUsers bool
- Normalizes user names to lowercase before look up.
- NtPassword stringAttribute 
- Specifies the LDAP NT Password attribute.
- NtlmSupport string
- Specifies which NTLM versions to support for users with NTLM-compatible credentials. Acceptable values: "all", "v2only", "none".
- OcspServer List<string>Uris 
- Specifies the OCSP server URIs. Only available for PowerScale 9.5 and above.
- ProviderDomain string
- Specifies the provider domain.
- RequireSecure boolConnection 
- Determines whether to continue over a non-TLS connection.
- RestrictFindable bool
- If true, checks the provider for filtered lists of findable and unfindable users and groups.
- RestrictListable bool
- If true, checks the provider for filtered lists of listable and unlistable users and groups.
- SearchScope string
- Specifies the default depth from the base DN to perform LDAP searches. Acceptable values: "base", "onelevel", "subtree", "children".
- SearchTimeout double
- Specifies the search timeout period in seconds.
- ServerUris List<string>
- Specifies the server URIs.
- ShadowExpire stringAttribute 
- Sets the attribute name that indicates the absolute date to expire the account.
- ShadowFlag stringAttribute 
- Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
- ShadowInactive stringAttribute 
- Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
- ShadowLast stringChange Attribute 
- Sets the attribute name that indicates the last change of the shadow information.
- ShadowMax stringAttribute 
- Sets the attribute name that indicates the maximum number of days a password can be valid.
- ShadowMin stringAttribute 
- Sets the attribute name that indicates the minimum number of days between shadow changes.
- ShadowUser stringFilter 
- Sets LDAP filter for shadow user objects.
- ShadowWarning stringAttribute 
- Sets the attribute name that indicates the number of days before the password expires to warn the user.
- ShellAttribute string
- Specifies the LDAP Shell attribute.
- SshPublic stringKey Attribute 
- Sets the attribute name that indicates the SSH Public Key for the user.
- Status string
- Specifies the status of the provider.
- System bool
- If true, indicates that this provider instance was created by OneFS and cannot be removed.
- TlsProtocol stringMin 
- Specifies the minimum TLS protocol version.
- TlsRevocation stringCheck Level 
- This setting controls the behavior of the certificate revocation checking algorithm when the LDAP provider is presented with a digital certificate by an LDAP server. Acceptable values: "none", "allowNoData", "allowNoSrc", "strict". Only available for PowerScale 9.5 and above.
- UidAttribute string
- Specifies the LDAP UID Number attribute.
- UnfindableGroups List<string>
- Specifies the groups that cannot be resolved by the provider.
- UnfindableUsers List<string>
- Specifies users that cannot be resolved by the provider.
- UniqueGroup stringMembers Attribute 
- Sets the LDAP Unique Group Members attribute.
- UnlistableGroups List<string>
- Specifies a group that cannot be listed by the provider.
- UnlistableUsers List<string>
- Specifies a user that cannot be listed by the provider.
- UserBase stringDn 
- Specifies the distinguished name of the entry at which to start LDAP searches for users.
- UserDomain string
- Specifies the domain for this provider through which users are qualified.
- UserFilter string
- Specifies the LDAP filter for user objects.
- UserSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- ZoneName string
- Specifies the name of the access zone in which this provider was created.
- AlternateSecurity stringIdentities Attribute 
- Specifies the attribute name used when searching for alternate security identities.
- Authentication bool
- If true, enables authentication and identity management through the authentication provider.
- BalanceServers bool
- If true, connects the provider to a random server.
- BaseDn string
- Specifies the root of the tree in which to search identities.
- BindDn string
- Specifies the distinguished name for binding to the LDAP server.
- BindMechanism string
- Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
- BindTimeout float64
- Specifies the timeout in seconds when binding to an LDAP server.
- string
- Specifies the path to the root certificates file.
- CheckOnline float64Interval 
- Specifies the time in seconds between provider online checks.
- CnAttribute string
- Specifies the canonical name.
- CreateHome boolDirectory 
- Automatically create the home directory on the first login.
- CryptPassword stringAttribute 
- Specifies the hashed password value.
- EmailAttribute string
- Specifies the LDAP Email attribute.
- Enabled bool
- If true, enables the LDAP provider.
- EnumerateGroups bool
- If true, allows the provider to enumerate groups.
- EnumerateUsers bool
- If true, allows the provider to enumerate users.
- FindableGroups []string
- Specifies the list of groups that can be resolved.
- FindableUsers []string
- Specifies the list of users that can be resolved.
- GecosAttribute string
- Specifies the LDAP GECOS attribute.
- GidAttribute string
- Specifies the LDAP GID attribute.
- GroupBase stringDn 
- Specifies the distinguished name of the entry where LDAP searches for groups are started.
- GroupDomain string
- Specifies the domain for this provider through which groups are qualified.
- GroupFilter string
- Specifies the LDAP filter for group objects.
- GroupMembers stringAttribute 
- Specifies the LDAP Group Members attribute.
- GroupSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- Groupnet string
- Groupnet identifier. Cannot be updated.
- HomeDirectory stringTemplate 
- Specifies the path to the home directory template.
- HomedirAttribute string
- Specifies the LDAP Homedir attribute.
- IgnoreTls boolErrors 
- If true, continues over secure connections even if identity checks fail.
- IgnoreUnresolvable boolServer Urls 
- Ignore unresolvable server URIs when creating and updating.
- ListableGroups []string
- Specifies the groups that can be viewed in the provider.
- ListableUsers []string
- Specifies the users that can be viewed in the provider.
- LoginShell string
- Specifies the login shell path.
- MemberLookup stringMethod 
- Sets the method by which group member lookups are performed. Use caution when changing this option directly. Acceptable values: "default", "rfc2307bis".
- MemberOf stringAttribute 
- Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
- Name string
- Specifies the name of the LDAP provider.
- NameAttribute string
- Specifies the LDAP UID attribute, which is used as the login name.
- NetgroupBase stringDn 
- Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
- NetgroupFilter string
- Specifies the LDAP filter for netgroup objects.
- NetgroupMembers stringAttribute 
- Specifies the LDAP Netgroup Members attribute.
- NetgroupSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- NetgroupTriple stringAttribute 
- Specifies the LDAP Netgroup Triple attribute.
- NormalizeGroups bool
- Normalizes group names to lowercase before look up.
- NormalizeUsers bool
- Normalizes user names to lowercase before look up.
- NtPassword stringAttribute 
- Specifies the LDAP NT Password attribute.
- NtlmSupport string
- Specifies which NTLM versions to support for users with NTLM-compatible credentials. Acceptable values: "all", "v2only", "none".
- OcspServer []stringUris 
- Specifies the OCSP server URIs. Only available for PowerScale 9.5 and above.
- ProviderDomain string
- Specifies the provider domain.
- RequireSecure boolConnection 
- Determines whether to continue over a non-TLS connection.
- RestrictFindable bool
- If true, checks the provider for filtered lists of findable and unfindable users and groups.
- RestrictListable bool
- If true, checks the provider for filtered lists of listable and unlistable users and groups.
- SearchScope string
- Specifies the default depth from the base DN to perform LDAP searches. Acceptable values: "base", "onelevel", "subtree", "children".
- SearchTimeout float64
- Specifies the search timeout period in seconds.
- ServerUris []string
- Specifies the server URIs.
- ShadowExpire stringAttribute 
- Sets the attribute name that indicates the absolute date to expire the account.
- ShadowFlag stringAttribute 
- Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
- ShadowInactive stringAttribute 
- Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
- ShadowLast stringChange Attribute 
- Sets the attribute name that indicates the last change of the shadow information.
- ShadowMax stringAttribute 
- Sets the attribute name that indicates the maximum number of days a password can be valid.
- ShadowMin stringAttribute 
- Sets the attribute name that indicates the minimum number of days between shadow changes.
- ShadowUser stringFilter 
- Sets LDAP filter for shadow user objects.
- ShadowWarning stringAttribute 
- Sets the attribute name that indicates the number of days before the password expires to warn the user.
- ShellAttribute string
- Specifies the LDAP Shell attribute.
- SshPublic stringKey Attribute 
- Sets the attribute name that indicates the SSH Public Key for the user.
- Status string
- Specifies the status of the provider.
- System bool
- If true, indicates that this provider instance was created by OneFS and cannot be removed.
- TlsProtocol stringMin 
- Specifies the minimum TLS protocol version.
- TlsRevocation stringCheck Level 
- This setting controls the behavior of the certificate revocation checking algorithm when the LDAP provider is presented with a digital certificate by an LDAP server. Acceptable values: "none", "allowNoData", "allowNoSrc", "strict". Only available for PowerScale 9.5 and above.
- UidAttribute string
- Specifies the LDAP UID Number attribute.
- UnfindableGroups []string
- Specifies the groups that cannot be resolved by the provider.
- UnfindableUsers []string
- Specifies users that cannot be resolved by the provider.
- UniqueGroup stringMembers Attribute 
- Sets the LDAP Unique Group Members attribute.
- UnlistableGroups []string
- Specifies a group that cannot be listed by the provider.
- UnlistableUsers []string
- Specifies a user that cannot be listed by the provider.
- UserBase stringDn 
- Specifies the distinguished name of the entry at which to start LDAP searches for users.
- UserDomain string
- Specifies the domain for this provider through which users are qualified.
- UserFilter string
- Specifies the LDAP filter for user objects.
- UserSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- ZoneName string
- Specifies the name of the access zone in which this provider was created.
- alternateSecurity StringIdentities Attribute 
- Specifies the attribute name used when searching for alternate security identities.
- authentication Boolean
- If true, enables authentication and identity management through the authentication provider.
- balanceServers Boolean
- If true, connects the provider to a random server.
- baseDn String
- Specifies the root of the tree in which to search identities.
- bindDn String
- Specifies the distinguished name for binding to the LDAP server.
- bindMechanism String
- Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
- bindTimeout Double
- Specifies the timeout in seconds when binding to an LDAP server.
- String
- Specifies the path to the root certificates file.
- checkOnline DoubleInterval 
- Specifies the time in seconds between provider online checks.
- cnAttribute String
- Specifies the canonical name.
- createHome BooleanDirectory 
- Automatically create the home directory on the first login.
- cryptPassword StringAttribute 
- Specifies the hashed password value.
- emailAttribute String
- Specifies the LDAP Email attribute.
- enabled Boolean
- If true, enables the LDAP provider.
- enumerateGroups Boolean
- If true, allows the provider to enumerate groups.
- enumerateUsers Boolean
- If true, allows the provider to enumerate users.
- findableGroups List<String>
- Specifies the list of groups that can be resolved.
- findableUsers List<String>
- Specifies the list of users that can be resolved.
- gecosAttribute String
- Specifies the LDAP GECOS attribute.
- gidAttribute String
- Specifies the LDAP GID attribute.
- groupBase StringDn 
- Specifies the distinguished name of the entry where LDAP searches for groups are started.
- groupDomain String
- Specifies the domain for this provider through which groups are qualified.
- groupFilter String
- Specifies the LDAP filter for group objects.
- groupMembers StringAttribute 
- Specifies the LDAP Group Members attribute.
- groupSearch StringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- groupnet String
- Groupnet identifier. Cannot be updated.
- homeDirectory StringTemplate 
- Specifies the path to the home directory template.
- homedirAttribute String
- Specifies the LDAP Homedir attribute.
- ignoreTls BooleanErrors 
- If true, continues over secure connections even if identity checks fail.
- ignoreUnresolvable BooleanServer Urls 
- Ignore unresolvable server URIs when creating and updating.
- listableGroups List<String>
- Specifies the groups that can be viewed in the provider.
- listableUsers List<String>
- Specifies the users that can be viewed in the provider.
- loginShell String
- Specifies the login shell path.
- memberLookup StringMethod 
- Sets the method by which group member lookups are performed. Use caution when changing this option directly. Acceptable values: "default", "rfc2307bis".
- memberOf StringAttribute 
- Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
- name String
- Specifies the name of the LDAP provider.
- nameAttribute String
- Specifies the LDAP UID attribute, which is used as the login name.
- netgroupBase StringDn 
- Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
- netgroupFilter String
- Specifies the LDAP filter for netgroup objects.
- netgroupMembers StringAttribute 
- Specifies the LDAP Netgroup Members attribute.
- netgroupSearch StringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- netgroupTriple StringAttribute 
- Specifies the LDAP Netgroup Triple attribute.
- normalizeGroups Boolean
- Normalizes group names to lowercase before look up.
- normalizeUsers Boolean
- Normalizes user names to lowercase before look up.
- ntPassword StringAttribute 
- Specifies the LDAP NT Password attribute.
- ntlmSupport String
- Specifies which NTLM versions to support for users with NTLM-compatible credentials. Acceptable values: "all", "v2only", "none".
- ocspServer List<String>Uris 
- Specifies the OCSP server URIs. Only available for PowerScale 9.5 and above.
- providerDomain String
- Specifies the provider domain.
- requireSecure BooleanConnection 
- Determines whether to continue over a non-TLS connection.
- restrictFindable Boolean
- If true, checks the provider for filtered lists of findable and unfindable users and groups.
- restrictListable Boolean
- If true, checks the provider for filtered lists of listable and unlistable users and groups.
- searchScope String
- Specifies the default depth from the base DN to perform LDAP searches. Acceptable values: "base", "onelevel", "subtree", "children".
- searchTimeout Double
- Specifies the search timeout period in seconds.
- serverUris List<String>
- Specifies the server URIs.
- shadowExpire StringAttribute 
- Sets the attribute name that indicates the absolute date to expire the account.
- shadowFlag StringAttribute 
- Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
- shadowInactive StringAttribute 
- Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
- shadowLast StringChange Attribute 
- Sets the attribute name that indicates the last change of the shadow information.
- shadowMax StringAttribute 
- Sets the attribute name that indicates the maximum number of days a password can be valid.
- shadowMin StringAttribute 
- Sets the attribute name that indicates the minimum number of days between shadow changes.
- shadowUser StringFilter 
- Sets LDAP filter for shadow user objects.
- shadowWarning StringAttribute 
- Sets the attribute name that indicates the number of days before the password expires to warn the user.
- shellAttribute String
- Specifies the LDAP Shell attribute.
- sshPublic StringKey Attribute 
- Sets the attribute name that indicates the SSH Public Key for the user.
- status String
- Specifies the status of the provider.
- system Boolean
- If true, indicates that this provider instance was created by OneFS and cannot be removed.
- tlsProtocol StringMin 
- Specifies the minimum TLS protocol version.
- tlsRevocation StringCheck Level 
- This setting controls the behavior of the certificate revocation checking algorithm when the LDAP provider is presented with a digital certificate by an LDAP server. Acceptable values: "none", "allowNoData", "allowNoSrc", "strict". Only available for PowerScale 9.5 and above.
- uidAttribute String
- Specifies the LDAP UID Number attribute.
- unfindableGroups List<String>
- Specifies the groups that cannot be resolved by the provider.
- unfindableUsers List<String>
- Specifies users that cannot be resolved by the provider.
- uniqueGroup StringMembers Attribute 
- Sets the LDAP Unique Group Members attribute.
- unlistableGroups List<String>
- Specifies a group that cannot be listed by the provider.
- unlistableUsers List<String>
- Specifies a user that cannot be listed by the provider.
- userBase StringDn 
- Specifies the distinguished name of the entry at which to start LDAP searches for users.
- userDomain String
- Specifies the domain for this provider through which users are qualified.
- userFilter String
- Specifies the LDAP filter for user objects.
- userSearch StringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- zoneName String
- Specifies the name of the access zone in which this provider was created.
- alternateSecurity stringIdentities Attribute 
- Specifies the attribute name used when searching for alternate security identities.
- authentication boolean
- If true, enables authentication and identity management through the authentication provider.
- balanceServers boolean
- If true, connects the provider to a random server.
- baseDn string
- Specifies the root of the tree in which to search identities.
- bindDn string
- Specifies the distinguished name for binding to the LDAP server.
- bindMechanism string
- Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
- bindTimeout number
- Specifies the timeout in seconds when binding to an LDAP server.
- string
- Specifies the path to the root certificates file.
- checkOnline numberInterval 
- Specifies the time in seconds between provider online checks.
- cnAttribute string
- Specifies the canonical name.
- createHome booleanDirectory 
- Automatically create the home directory on the first login.
- cryptPassword stringAttribute 
- Specifies the hashed password value.
- emailAttribute string
- Specifies the LDAP Email attribute.
- enabled boolean
- If true, enables the LDAP provider.
- enumerateGroups boolean
- If true, allows the provider to enumerate groups.
- enumerateUsers boolean
- If true, allows the provider to enumerate users.
- findableGroups string[]
- Specifies the list of groups that can be resolved.
- findableUsers string[]
- Specifies the list of users that can be resolved.
- gecosAttribute string
- Specifies the LDAP GECOS attribute.
- gidAttribute string
- Specifies the LDAP GID attribute.
- groupBase stringDn 
- Specifies the distinguished name of the entry where LDAP searches for groups are started.
- groupDomain string
- Specifies the domain for this provider through which groups are qualified.
- groupFilter string
- Specifies the LDAP filter for group objects.
- groupMembers stringAttribute 
- Specifies the LDAP Group Members attribute.
- groupSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- groupnet string
- Groupnet identifier. Cannot be updated.
- homeDirectory stringTemplate 
- Specifies the path to the home directory template.
- homedirAttribute string
- Specifies the LDAP Homedir attribute.
- ignoreTls booleanErrors 
- If true, continues over secure connections even if identity checks fail.
- ignoreUnresolvable booleanServer Urls 
- Ignore unresolvable server URIs when creating and updating.
- listableGroups string[]
- Specifies the groups that can be viewed in the provider.
- listableUsers string[]
- Specifies the users that can be viewed in the provider.
- loginShell string
- Specifies the login shell path.
- memberLookup stringMethod 
- Sets the method by which group member lookups are performed. Use caution when changing this option directly. Acceptable values: "default", "rfc2307bis".
- memberOf stringAttribute 
- Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
- name string
- Specifies the name of the LDAP provider.
- nameAttribute string
- Specifies the LDAP UID attribute, which is used as the login name.
- netgroupBase stringDn 
- Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
- netgroupFilter string
- Specifies the LDAP filter for netgroup objects.
- netgroupMembers stringAttribute 
- Specifies the LDAP Netgroup Members attribute.
- netgroupSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- netgroupTriple stringAttribute 
- Specifies the LDAP Netgroup Triple attribute.
- normalizeGroups boolean
- Normalizes group names to lowercase before look up.
- normalizeUsers boolean
- Normalizes user names to lowercase before look up.
- ntPassword stringAttribute 
- Specifies the LDAP NT Password attribute.
- ntlmSupport string
- Specifies which NTLM versions to support for users with NTLM-compatible credentials. Acceptable values: "all", "v2only", "none".
- ocspServer string[]Uris 
- Specifies the OCSP server URIs. Only available for PowerScale 9.5 and above.
- providerDomain string
- Specifies the provider domain.
- requireSecure booleanConnection 
- Determines whether to continue over a non-TLS connection.
- restrictFindable boolean
- If true, checks the provider for filtered lists of findable and unfindable users and groups.
- restrictListable boolean
- If true, checks the provider for filtered lists of listable and unlistable users and groups.
- searchScope string
- Specifies the default depth from the base DN to perform LDAP searches. Acceptable values: "base", "onelevel", "subtree", "children".
- searchTimeout number
- Specifies the search timeout period in seconds.
- serverUris string[]
- Specifies the server URIs.
- shadowExpire stringAttribute 
- Sets the attribute name that indicates the absolute date to expire the account.
- shadowFlag stringAttribute 
- Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
- shadowInactive stringAttribute 
- Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
- shadowLast stringChange Attribute 
- Sets the attribute name that indicates the last change of the shadow information.
- shadowMax stringAttribute 
- Sets the attribute name that indicates the maximum number of days a password can be valid.
- shadowMin stringAttribute 
- Sets the attribute name that indicates the minimum number of days between shadow changes.
- shadowUser stringFilter 
- Sets LDAP filter for shadow user objects.
- shadowWarning stringAttribute 
- Sets the attribute name that indicates the number of days before the password expires to warn the user.
- shellAttribute string
- Specifies the LDAP Shell attribute.
- sshPublic stringKey Attribute 
- Sets the attribute name that indicates the SSH Public Key for the user.
- status string
- Specifies the status of the provider.
- system boolean
- If true, indicates that this provider instance was created by OneFS and cannot be removed.
- tlsProtocol stringMin 
- Specifies the minimum TLS protocol version.
- tlsRevocation stringCheck Level 
- This setting controls the behavior of the certificate revocation checking algorithm when the LDAP provider is presented with a digital certificate by an LDAP server. Acceptable values: "none", "allowNoData", "allowNoSrc", "strict". Only available for PowerScale 9.5 and above.
- uidAttribute string
- Specifies the LDAP UID Number attribute.
- unfindableGroups string[]
- Specifies the groups that cannot be resolved by the provider.
- unfindableUsers string[]
- Specifies users that cannot be resolved by the provider.
- uniqueGroup stringMembers Attribute 
- Sets the LDAP Unique Group Members attribute.
- unlistableGroups string[]
- Specifies a group that cannot be listed by the provider.
- unlistableUsers string[]
- Specifies a user that cannot be listed by the provider.
- userBase stringDn 
- Specifies the distinguished name of the entry at which to start LDAP searches for users.
- userDomain string
- Specifies the domain for this provider through which users are qualified.
- userFilter string
- Specifies the LDAP filter for user objects.
- userSearch stringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- zoneName string
- Specifies the name of the access zone in which this provider was created.
- alternate_security_ stridentities_ attribute 
- Specifies the attribute name used when searching for alternate security identities.
- authentication bool
- If true, enables authentication and identity management through the authentication provider.
- balance_servers bool
- If true, connects the provider to a random server.
- base_dn str
- Specifies the root of the tree in which to search identities.
- bind_dn str
- Specifies the distinguished name for binding to the LDAP server.
- bind_mechanism str
- Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
- bind_timeout float
- Specifies the timeout in seconds when binding to an LDAP server.
- str
- Specifies the path to the root certificates file.
- check_online_ floatinterval 
- Specifies the time in seconds between provider online checks.
- cn_attribute str
- Specifies the canonical name.
- create_home_ booldirectory 
- Automatically create the home directory on the first login.
- crypt_password_ strattribute 
- Specifies the hashed password value.
- email_attribute str
- Specifies the LDAP Email attribute.
- enabled bool
- If true, enables the LDAP provider.
- enumerate_groups bool
- If true, allows the provider to enumerate groups.
- enumerate_users bool
- If true, allows the provider to enumerate users.
- findable_groups Sequence[str]
- Specifies the list of groups that can be resolved.
- findable_users Sequence[str]
- Specifies the list of users that can be resolved.
- gecos_attribute str
- Specifies the LDAP GECOS attribute.
- gid_attribute str
- Specifies the LDAP GID attribute.
- group_base_ strdn 
- Specifies the distinguished name of the entry where LDAP searches for groups are started.
- group_domain str
- Specifies the domain for this provider through which groups are qualified.
- group_filter str
- Specifies the LDAP filter for group objects.
- group_members_ strattribute 
- Specifies the LDAP Group Members attribute.
- group_search_ strscope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- groupnet str
- Groupnet identifier. Cannot be updated.
- home_directory_ strtemplate 
- Specifies the path to the home directory template.
- homedir_attribute str
- Specifies the LDAP Homedir attribute.
- ignore_tls_ boolerrors 
- If true, continues over secure connections even if identity checks fail.
- ignore_unresolvable_ boolserver_ urls 
- Ignore unresolvable server URIs when creating and updating.
- listable_groups Sequence[str]
- Specifies the groups that can be viewed in the provider.
- listable_users Sequence[str]
- Specifies the users that can be viewed in the provider.
- login_shell str
- Specifies the login shell path.
- member_lookup_ strmethod 
- Sets the method by which group member lookups are performed. Use caution when changing this option directly. Acceptable values: "default", "rfc2307bis".
- member_of_ strattribute 
- Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
- name str
- Specifies the name of the LDAP provider.
- name_attribute str
- Specifies the LDAP UID attribute, which is used as the login name.
- netgroup_base_ strdn 
- Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
- netgroup_filter str
- Specifies the LDAP filter for netgroup objects.
- netgroup_members_ strattribute 
- Specifies the LDAP Netgroup Members attribute.
- netgroup_search_ strscope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- netgroup_triple_ strattribute 
- Specifies the LDAP Netgroup Triple attribute.
- normalize_groups bool
- Normalizes group names to lowercase before look up.
- normalize_users bool
- Normalizes user names to lowercase before look up.
- nt_password_ strattribute 
- Specifies the LDAP NT Password attribute.
- ntlm_support str
- Specifies which NTLM versions to support for users with NTLM-compatible credentials. Acceptable values: "all", "v2only", "none".
- ocsp_server_ Sequence[str]uris 
- Specifies the OCSP server URIs. Only available for PowerScale 9.5 and above.
- provider_domain str
- Specifies the provider domain.
- require_secure_ boolconnection 
- Determines whether to continue over a non-TLS connection.
- restrict_findable bool
- If true, checks the provider for filtered lists of findable and unfindable users and groups.
- restrict_listable bool
- If true, checks the provider for filtered lists of listable and unlistable users and groups.
- search_scope str
- Specifies the default depth from the base DN to perform LDAP searches. Acceptable values: "base", "onelevel", "subtree", "children".
- search_timeout float
- Specifies the search timeout period in seconds.
- server_uris Sequence[str]
- Specifies the server URIs.
- shadow_expire_ strattribute 
- Sets the attribute name that indicates the absolute date to expire the account.
- shadow_flag_ strattribute 
- Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
- shadow_inactive_ strattribute 
- Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
- shadow_last_ strchange_ attribute 
- Sets the attribute name that indicates the last change of the shadow information.
- shadow_max_ strattribute 
- Sets the attribute name that indicates the maximum number of days a password can be valid.
- shadow_min_ strattribute 
- Sets the attribute name that indicates the minimum number of days between shadow changes.
- shadow_user_ strfilter 
- Sets LDAP filter for shadow user objects.
- shadow_warning_ strattribute 
- Sets the attribute name that indicates the number of days before the password expires to warn the user.
- shell_attribute str
- Specifies the LDAP Shell attribute.
- ssh_public_ strkey_ attribute 
- Sets the attribute name that indicates the SSH Public Key for the user.
- status str
- Specifies the status of the provider.
- system bool
- If true, indicates that this provider instance was created by OneFS and cannot be removed.
- tls_protocol_ strmin 
- Specifies the minimum TLS protocol version.
- tls_revocation_ strcheck_ level 
- This setting controls the behavior of the certificate revocation checking algorithm when the LDAP provider is presented with a digital certificate by an LDAP server. Acceptable values: "none", "allowNoData", "allowNoSrc", "strict". Only available for PowerScale 9.5 and above.
- uid_attribute str
- Specifies the LDAP UID Number attribute.
- unfindable_groups Sequence[str]
- Specifies the groups that cannot be resolved by the provider.
- unfindable_users Sequence[str]
- Specifies users that cannot be resolved by the provider.
- unique_group_ strmembers_ attribute 
- Sets the LDAP Unique Group Members attribute.
- unlistable_groups Sequence[str]
- Specifies a group that cannot be listed by the provider.
- unlistable_users Sequence[str]
- Specifies a user that cannot be listed by the provider.
- user_base_ strdn 
- Specifies the distinguished name of the entry at which to start LDAP searches for users.
- user_domain str
- Specifies the domain for this provider through which users are qualified.
- user_filter str
- Specifies the LDAP filter for user objects.
- user_search_ strscope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- zone_name str
- Specifies the name of the access zone in which this provider was created.
- alternateSecurity StringIdentities Attribute 
- Specifies the attribute name used when searching for alternate security identities.
- authentication Boolean
- If true, enables authentication and identity management through the authentication provider.
- balanceServers Boolean
- If true, connects the provider to a random server.
- baseDn String
- Specifies the root of the tree in which to search identities.
- bindDn String
- Specifies the distinguished name for binding to the LDAP server.
- bindMechanism String
- Specifies which bind mechanism to use when connecting to an LDAP server. The only supported option is the 'simple' value.
- bindTimeout Number
- Specifies the timeout in seconds when binding to an LDAP server.
- String
- Specifies the path to the root certificates file.
- checkOnline NumberInterval 
- Specifies the time in seconds between provider online checks.
- cnAttribute String
- Specifies the canonical name.
- createHome BooleanDirectory 
- Automatically create the home directory on the first login.
- cryptPassword StringAttribute 
- Specifies the hashed password value.
- emailAttribute String
- Specifies the LDAP Email attribute.
- enabled Boolean
- If true, enables the LDAP provider.
- enumerateGroups Boolean
- If true, allows the provider to enumerate groups.
- enumerateUsers Boolean
- If true, allows the provider to enumerate users.
- findableGroups List<String>
- Specifies the list of groups that can be resolved.
- findableUsers List<String>
- Specifies the list of users that can be resolved.
- gecosAttribute String
- Specifies the LDAP GECOS attribute.
- gidAttribute String
- Specifies the LDAP GID attribute.
- groupBase StringDn 
- Specifies the distinguished name of the entry where LDAP searches for groups are started.
- groupDomain String
- Specifies the domain for this provider through which groups are qualified.
- groupFilter String
- Specifies the LDAP filter for group objects.
- groupMembers StringAttribute 
- Specifies the LDAP Group Members attribute.
- groupSearch StringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- groupnet String
- Groupnet identifier. Cannot be updated.
- homeDirectory StringTemplate 
- Specifies the path to the home directory template.
- homedirAttribute String
- Specifies the LDAP Homedir attribute.
- ignoreTls BooleanErrors 
- If true, continues over secure connections even if identity checks fail.
- ignoreUnresolvable BooleanServer Urls 
- Ignore unresolvable server URIs when creating and updating.
- listableGroups List<String>
- Specifies the groups that can be viewed in the provider.
- listableUsers List<String>
- Specifies the users that can be viewed in the provider.
- loginShell String
- Specifies the login shell path.
- memberLookup StringMethod 
- Sets the method by which group member lookups are performed. Use caution when changing this option directly. Acceptable values: "default", "rfc2307bis".
- memberOf StringAttribute 
- Specifies the LDAP Query Member Of attribute, which performs reverse membership queries.
- name String
- Specifies the name of the LDAP provider.
- nameAttribute String
- Specifies the LDAP UID attribute, which is used as the login name.
- netgroupBase StringDn 
- Specifies the distinguished name of the entry where LDAP searches for netgroups are started.
- netgroupFilter String
- Specifies the LDAP filter for netgroup objects.
- netgroupMembers StringAttribute 
- Specifies the LDAP Netgroup Members attribute.
- netgroupSearch StringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- netgroupTriple StringAttribute 
- Specifies the LDAP Netgroup Triple attribute.
- normalizeGroups Boolean
- Normalizes group names to lowercase before look up.
- normalizeUsers Boolean
- Normalizes user names to lowercase before look up.
- ntPassword StringAttribute 
- Specifies the LDAP NT Password attribute.
- ntlmSupport String
- Specifies which NTLM versions to support for users with NTLM-compatible credentials. Acceptable values: "all", "v2only", "none".
- ocspServer List<String>Uris 
- Specifies the OCSP server URIs. Only available for PowerScale 9.5 and above.
- providerDomain String
- Specifies the provider domain.
- requireSecure BooleanConnection 
- Determines whether to continue over a non-TLS connection.
- restrictFindable Boolean
- If true, checks the provider for filtered lists of findable and unfindable users and groups.
- restrictListable Boolean
- If true, checks the provider for filtered lists of listable and unlistable users and groups.
- searchScope String
- Specifies the default depth from the base DN to perform LDAP searches. Acceptable values: "base", "onelevel", "subtree", "children".
- searchTimeout Number
- Specifies the search timeout period in seconds.
- serverUris List<String>
- Specifies the server URIs.
- shadowExpire StringAttribute 
- Sets the attribute name that indicates the absolute date to expire the account.
- shadowFlag StringAttribute 
- Sets the attribute name that indicates the section of the shadow map that is used to store the flag value.
- shadowInactive StringAttribute 
- Sets the attribute name that indicates the number of days of inactivity that is allowed for the user.
- shadowLast StringChange Attribute 
- Sets the attribute name that indicates the last change of the shadow information.
- shadowMax StringAttribute 
- Sets the attribute name that indicates the maximum number of days a password can be valid.
- shadowMin StringAttribute 
- Sets the attribute name that indicates the minimum number of days between shadow changes.
- shadowUser StringFilter 
- Sets LDAP filter for shadow user objects.
- shadowWarning StringAttribute 
- Sets the attribute name that indicates the number of days before the password expires to warn the user.
- shellAttribute String
- Specifies the LDAP Shell attribute.
- sshPublic StringKey Attribute 
- Sets the attribute name that indicates the SSH Public Key for the user.
- status String
- Specifies the status of the provider.
- system Boolean
- If true, indicates that this provider instance was created by OneFS and cannot be removed.
- tlsProtocol StringMin 
- Specifies the minimum TLS protocol version.
- tlsRevocation StringCheck Level 
- This setting controls the behavior of the certificate revocation checking algorithm when the LDAP provider is presented with a digital certificate by an LDAP server. Acceptable values: "none", "allowNoData", "allowNoSrc", "strict". Only available for PowerScale 9.5 and above.
- uidAttribute String
- Specifies the LDAP UID Number attribute.
- unfindableGroups List<String>
- Specifies the groups that cannot be resolved by the provider.
- unfindableUsers List<String>
- Specifies users that cannot be resolved by the provider.
- uniqueGroup StringMembers Attribute 
- Sets the LDAP Unique Group Members attribute.
- unlistableGroups List<String>
- Specifies a group that cannot be listed by the provider.
- unlistableUsers List<String>
- Specifies a user that cannot be listed by the provider.
- userBase StringDn 
- Specifies the distinguished name of the entry at which to start LDAP searches for users.
- userDomain String
- Specifies the domain for this provider through which users are qualified.
- userFilter String
- Specifies the LDAP filter for user objects.
- userSearch StringScope 
- Specifies the depth from the base DN to perform LDAP searches. Acceptable values: "default", "base", "onelevel", "subtree", "children".
- zoneName String
- Specifies the name of the access zone in which this provider was created.
Import
Copyright (c) 2023-2024 Dell Inc., or its subsidiaries. All Rights Reserved.
Licensed under the Mozilla Public License Version 2.0 (the “License”);
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://mozilla.org/MPL/2.0/
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an “AS IS” BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
The command is
$ pulumi import powerscale:index/ldapProvider:LdapProvider example_ldap_provider <ldapProviderName>
Example:
$ pulumi import powerscale:index/ldapProvider:LdapProvider example_ldap_provider ldapProviderName
after running this command, populate the name field and other required parameters in the config file to start managing this resource.
Note: running “terraform show” after importing shows the current config/state of the resource. You can copy/paste that config to make it easier to manage the resource.
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- powerscale dell/terraform-provider-powerscale
- License
- Notes
- This Pulumi package is based on the powerscaleTerraform Provider.