{
"additionalProperties": false,
"description": "Advanced load balancer LdapDirectorySettings object",
"id": "ALBLdapDirectorySettings",
"module_id": "PolicyAdvancedLoadBalancer",
"properties": {
"admin_bind_dn": {
"description": "LDAP Admin User DN. Administrator credentials are required to search for users under user search DN or groups under group search DN.",
"required": false,
"title": "Admin bind dn",
"type": "string"
},
"group_filter": {
"default": "(objectClass=*)",
"description": "Group filter is used to identify groups during search. Default value when not specified in API or module is interpreted by ALB Controller as (objectClass=(STAR)).",
"required": false,
"title": "Group filter",
"type": "string"
},
"group_member_attribute": {
"default": "member",
"description": "LDAP group attribute that identifies each of the group members. Default value when not specified in API or module is interpreted by ALB Controller as member.",
"required": false,
"title": "Group member attribute",
"type": "string"
},
"group_member_is_full_dn": {
"default": true,
"description": "Group member entries contain full DNs instead of just user id attribute values. Default value when not specified in API or module is interpreted by ALB Controller as true.",
"required": false,
"title": "Group member is full dn",
"type": "boolean"
},
"group_search_dn": {
"description": "LDAP group search DN is the root of search for a given group in the LDAP directory. Only matching groups present in this LDAP directory sub-tree will be checked for user membership.",
"required": false,
"title": "Group search dn",
"type": "string"
},
"group_search_scope": {
"$ref": "ALBAuthLdapSearchScope,
"default": "AUTH_LDAP_SCOPE_SUBTREE",
"description": "LDAP group search scope defines how deep to search for the group starting from the group search DN. Enum options - AUTH_LDAP_SCOPE_BASE, AUTH_LDAP_SCOPE_ONE, AUTH_LDAP_SCOPE_SUBTREE. Default value when not specified in API or module is interpreted by ALB Controller as AUTH_LDAP_SCOPE_SUBTREE.",
"required": false,
"title": "Group search scope"
},
"ignore_referrals": {
"default": false,
"description": "During user or group search, ignore searching referrals. Default value when not specified in API or module is interpreted by ALB Controller as false.",
"required": false,
"title": "Ignore referrals",
"type": "boolean"
},
"password": {
"description": "LDAP Admin User Password.",
"required": false,
"title": "Password",
"type": "string"
},
"user_attributes": {
"description": "LDAP user attributes to fetch on a successful user bind.",
"items": {
"type": "string"
},
"required": false,
"title": "User attributes",
"type": "array"
},
"user_id_attribute": {
"description": "LDAP user id attribute is the login attribute that uniquely identifies a single user record.",
"required": false,
"title": "User id attribute",
"type": "string"
},
"user_search_dn": {
"description": "LDAP user search DN is the root of search for a given user in the LDAP directory. Only user records present in this LDAP directory sub-tree will be validated.",
"required": false,
"title": "User search dn",
"type": "string"
},
"user_search_scope": {
"$ref": "ALBAuthLdapSearchScope,
"default": "AUTH_LDAP_SCOPE_ONE",
"description": "LDAP user search scope defines how deep to search for the user starting from user search DN. Enum options - AUTH_LDAP_SCOPE_BASE, AUTH_LDAP_SCOPE_ONE, AUTH_LDAP_SCOPE_SUBTREE. Default value when not specified in API or module is interpreted by ALB Controller as AUTH_LDAP_SCOPE_ONE.",
"required": false,
"title": "User search scope"
}
},
"title": "LdapDirectorySettings",
"type": "object"
}