| API Description | API Path |
|---|---|
Scan the size of a directory domainThis call scans the size of a directory domain. It may be very | expensive to run this call in some AD domain deployments. Please | use it with caution. |
POST /api/v1/directory/domain-size
|
List all configured domains |
GET /api/v1/directory/domains
|
Create a directory domain |
POST /api/v1/directory/domains
|
Delete a specific domain with given identifier |
DELETE /api/v1/directory/domains/<domain-id>
|
Get a specific domain with given identifier |
GET /api/v1/directory/domains/<domain-id>
|
Invoke full sync or delta sync for a specific domain, with additional delay in seconds if needed. Stop sync will try to stop any pending sync if any to return to idle state. |
POST /api/v1/directory/domains/<domain-id>
|
Update a directory domainUpdate to any field in the directory domain will trigger a full sync |
PUT /api/v1/directory/domains/<domain-id>
|
Search for directory groups within a domain based on the substring of a distinguished name. (e.g. CN=User,DC=acme,DC=com) The search filter pattern can optionally support multiple (up to 100 maximum) search pattern separated by '|' (url encoded %7C). In this case, the search results will be returned as the union of all matching criteria. (e.g. CN=Ann,CN=Users,DC=acme,DC=com|CN=Bob,CN=Users,DC=acme,DC=com) |
GET /api/v1/directory/domains/<domain-id>/groups
|
List members of a directory groupA member group could be either direct member of the group specified by group_id or nested member of it. Both direct member groups and nested member groups are returned. |
GET /api/v1/directory/domains/<domain-id>/groups/<group-id>/member-groups
|
List all configured domain LDAP servers |
GET /api/v1/directory/domains/<domain-id>/ldap-servers
|
Create a LDAP server for directory domainMore than one LDAP server can be created and only one LDAP server is used to synchronize directory objects. If more than one LDAP server is configured, NSX will try all the servers until it is able to successfully connect to one. |
POST /api/v1/directory/domains/<domain-id>/ldap-servers
|
Delete a LDAP server for directory domain |
DELETE /api/v1/directory/domains/<domain-id>/ldap-servers/<server-id>
|
Get a specific LDAP server for a given directory domain |
GET /api/v1/directory/domains/<domain-id>/ldap-servers/<server-id>
|
Test a LDAP server connection for directory domainThe API tests a LDAP server connection for an already configured domain. If the connection is successful, the response will be HTTP status 200. Otherwise the response will be HTTP status 500 and corresponding error message will be returned. |
POST /api/v1/directory/domains/<domain-id>/ldap-servers/<server-id>
|
Update a LDAP server for directory domain |
PUT /api/v1/directory/domains/<domain-id>/ldap-servers/<server-id>
|
Get domain sync statistics for the given identifier |
GET /api/v1/directory/domains/<domain-id>/sync-stats
|
Test a directory domain LDAP server connectivityThis API tests a LDAP server connectivity before the actual domain or LDAP server is configured. If the connectivity is good, the response will be HTTP status 200. Otherwise the response will be HTTP status 500 and corresponding error message will be returned. |
POST /api/v1/directory/ldap-server
|