
Create an LDAP schema

POST /name-services/ldap-schemas

Introduced In: 9.11

Creates an LDAP schema.

Important notes

  • To create a new schema, first create a copy of the default schemas provided by ONTAP and then modify the copy accordingly.

  • If no value is specified for the owner.uuid or owner.name fields, the cserver UUID and name are used by default.

Related ONTAP commands

  • vserver services name-service ldap client schema copy

Parameters

| Name | Type | In | Required | Description |
|---|---|---|---|---|
| return_records | boolean | query | False | The default is false. If set to true, the records are returned. |

Request Body

| Name | Type | Description |
|---|---|---|
| _links | _links | |
| comment | string | Comment to associate with the schema. |
| global_schema | boolean | A global schema that can be used by all the SVMs. |
| name | string | The name of the schema being created, modified or deleted. |
| name_mapping | ldap_schema_name_mapping | |
| owner | owner | |
| rfc2307 | rfc2307 | |
| rfc2307bis | rfc2307bis | |
| scope | string | Scope of the entity. Set to "cluster" for cluster owned objects and to "svm" for SVM owned objects. |
| template | template | The existing schema template you want to copy. |

Example request
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "comment": "Schema based on Active Directory Services for UNIX (read-only).",
  "global_schema": true,
  "name": "AD-SFU-v1",
  "name_mapping": {
    "account": {
      "unix": "windowsAccount",
      "windows": "windowsAccount"
    },
    "windows_to_unix": {
      "attribute": "windowsAccount",
      "no_domain_prefix": false,
      "object_class": "User"
    }
  },
  "owner": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  },
  "rfc2307": {
    "attribute": {
      "gecos": "name",
      "gid_number": "msSFU30GidNumber",
      "home_directory": "msSFU30HomeDirectory",
      "login_shell": "msSFU30LoginShell",
      "uid": "sAMAccountName",
      "uid_number": "msSFU30UidNumber",
      "user_password": "msSFU30Password"
    },
    "cn": {
      "group": "cn",
      "netgroup": "name"
    },
    "member": {
      "nis_netgroup": "msSFU30MemberNisNetgroup",
      "uid": "msSFU30MemberUid"
    },
    "nis": {
      "mapentry": "msSFU30NisMapEntry",
      "mapname": "msSFU30NisMapName",
      "netgroup": "msSFU30NisNetGroup",
      "netgroup_triple": "msSFU30MemberOfNisNetgroup",
      "object": "msSFU30NisObject"
    },
    "posix": {
      "account": "User",
      "group": "Group"
    }
  },
  "rfc2307bis": {
    "enabled": false,
    "group_of_unique_names": "groupOfUniqueNames",
    "maximum_groups": 256,
    "unique_member": "uniqueMember"
  },
  "scope": "string",
  "template": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "AD-SFU-v1"
  }
}
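
The copy-then-modify workflow from the notes above, as an added example that is not taken from NetApp's documentation or tooling: it builds the POST path and body from a template name plus overrides, rejects non-boolean values in the fields typed as boolean, and drops `_links` objects. The `/api` prefix, the helper names and the sample schema name in the usage are assumptions.

```python
from urllib.parse import urlencode

# Assumption: "/api" prefix as in the page's sample hrefs; the page lists the
# route itself as POST /name-services/ldap-schemas.
ENDPOINT = "/api/name-services/ldap-schemas"
SCOPES = {"cluster", "svm"}
# Fields that the Definitions section types as boolean.
BOOLEAN_PATHS = [
    ("global_schema",),
    ("name_mapping", "windows_to_unix", "no_domain_prefix"),
    ("rfc2307bis", "enabled"),
]


def strip_links(value):
    """Drop _links objects: they are navigation links, not schema settings."""
    if isinstance(value, dict):
        return {k: strip_links(v) for k, v in value.items() if k != "_links"}
    return value


def lookup(body, path):
    """Return the value at a nested key path, or None if any key is absent."""
    for key in path:
        if not isinstance(body, dict) or key not in body:
            return None
        body = body[key]
    return body


def build_create_request(name, template, owner_name=None, scope=None,
                         overrides=None, return_records=False):
    """Return (path, body) for creating a schema as a modified template copy."""
    if not name or not template:
        raise ValueError("this helper requires both a name and a template")
    body = strip_links(overrides or {})
    body.update({"name": name, "template": {"name": template}})
    if owner_name is not None:  # omitted owner: cserver name and UUID are used
        body["owner"] = {"name": owner_name}
    if scope is not None:
        if scope not in SCOPES:
            raise ValueError(f"scope must be one of {sorted(SCOPES)}")
        body["scope"] = scope
    for path in BOOLEAN_PATHS:
        value = lookup(body, path)
        if value is not None and not isinstance(value, bool):
            raise TypeError(".".join(path) + " must be a JSON boolean")
    query = urlencode({"return_records": "true" if return_records else "false"})
    return f"{ENDPOINT}?{query}", body
```

Serialize the returned body with `json.dumps` before sending it; values such as `1` or `""` in a boolean field raise `TypeError` before any request is made.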

Response

Status: 201, Created
| Name | Type | Description |
|---|---|---|
| _links | _links | |
| comment | string | Comment to associate with the schema. |
| global_schema | boolean | A global schema that can be used by all the SVMs. |
| name | string | The name of the schema being created, modified or deleted. |
| name_mapping | ldap_schema_name_mapping | |
| owner | owner | |
| rfc2307 | rfc2307 | |
| rfc2307bis | rfc2307bis | |
| scope | string | Scope of the entity. Set to "cluster" for cluster owned objects and to "svm" for SVM owned objects. |
| template | template | The existing schema template you want to copy. |

Example response
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "comment": "Schema based on Active Directory Services for UNIX (read-only).",
  "global_schema": true,
  "name": "AD-SFU-v1",
  "name_mapping": {
    "account": {
      "unix": "windowsAccount",
      "windows": "windowsAccount"
    },
    "windows_to_unix": {
      "attribute": "windowsAccount",
      "no_domain_prefix": false,
      "object_class": "User"
    }
  },
  "owner": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  },
  "rfc2307": {
    "attribute": {
      "gecos": "name",
      "gid_number": "msSFU30GidNumber",
      "home_directory": "msSFU30HomeDirectory",
      "login_shell": "msSFU30LoginShell",
      "uid": "sAMAccountName",
      "uid_number": "msSFU30UidNumber",
      "user_password": "msSFU30Password"
    },
    "cn": {
      "group": "cn",
      "netgroup": "name"
    },
    "member": {
      "nis_netgroup": "msSFU30MemberNisNetgroup",
      "uid": "msSFU30MemberUid"
    },
    "nis": {
      "mapentry": "msSFU30NisMapEntry",
      "mapname": "msSFU30NisMapName",
      "netgroup": "msSFU30NisNetGroup",
      "netgroup_triple": "msSFU30MemberOfNisNetgroup",
      "object": "msSFU30NisObject"
    },
    "posix": {
      "account": "User",
      "group": "Group"
    }
  },
  "rfc2307bis": {
    "enabled": false,
    "group_of_unique_names": "groupOfUniqueNames",
    "maximum_groups": 256,
    "unique_member": "uniqueMember"
  },
  "scope": "string",
  "template": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "AD-SFU-v1"
  }
}

Error

Status: Default

ONTAP Error Response Codes

| Error Code | Description |
|---|---|
| 2621706 | The specified SVM UUID is incorrect for the specified SVM name. |
| 4915221 | LDAP schema name in use in data SVM. |
| 4915222 | LDAP schema name in use in admin SVM. |

| Name | Type | Description |
|---|---|---|
| error | error | |

Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}

Definitions

href

| Name | Type | Description |
|---|---|---|
| href | string | |

_links

| Name | Type | Description |
|---|---|---|
| self | href | |

ldap_schema_account

| Name | Type | Description |
|---|---|---|
| unix | string | Attribute name used to retrieve UNIX account information. |
| windows | string | Attribute name used to retrieve Windows account information for a UNIX user account. |

windows_to_unix

| Name | Type | Description |
|---|---|---|
| attribute | string | Attribute name used to retrieve the UNIX account information for a Windows user account. |
| no_domain_prefix | boolean | Indicates whether or not the name for Windows to UNIX name mapping should have a domain prefix. |
| object_class | string | Name used to represent the windowsToUnix object class. |

ldap_schema_name_mapping

| Name | Type | Description |
|---|---|---|
| account | ldap_schema_account | |
| windows_to_unix | windows_to_unix | |

owner

| Name | Type | Description |
|---|---|---|
| _links | _links | |
| name | string | The name of the SVM. |
| uuid | string | The unique identifier of the SVM. |

attribute

| Name | Type | Description |
|---|---|---|
| gecos | string | RFC 2307 gecos attribute. |
| gid_number | string | RFC 2307 gidNumber attribute. |
| home_directory | string | RFC 2307 homeDirectory attribute. |
| login_shell | string | RFC 2307 loginShell attribute. |
| uid | string | RFC 1274 userid attribute used by RFC 2307 as UID. |
| uid_number | string | RFC 2307 uidNumber attribute. |
| user_password | string | RFC 2256 userPassword attribute used by RFC 2307. |

cn

| Name | Type | Description |
|---|---|---|
| group | string | RFC 2256 cn attribute used by RFC 2307 when working with groups. |
| netgroup | string | RFC 2256 cn attribute used by RFC 2307 when working with netgroups. |

member

| Name | Type | Description |
|---|---|---|
| nis_netgroup | string | RFC 2307 memberNisNetgroup attribute. |
| uid | string | RFC 2307 memberUid attribute. |

nis

| Name | Type | Description |
|---|---|---|
| mapentry | string | RFC 2307 nisMapEntry attribute. |
| mapname | string | RFC 2307 nisMapName attribute. |
| netgroup | string | RFC 2307 nisNetgroup object class. |
| netgroup_triple | string | RFC 2307 nisNetgroupTriple attribute. |
| object | string | RFC 2307 nisObject object class. |

posix

| Name | Type | Description |
|---|---|---|
| account | string | RFC 2307 posixAccount object class. |
| group | string | RFC 2307 posixGroup object class. |

rfc2307

| Name | Type | Description |
|---|---|---|
| attribute | attribute | |
| cn | cn | |
| member | member | |
| nis | nis | |
| posix | posix | |

rfc2307bis

| Name | Type | Description |
|---|---|---|
| enabled | boolean | Indicates whether RFC 2307bis is enabled for the client schema. |
| group_of_unique_names | string | RFC 2307bis groupOfUniqueNames object class. |
| maximum_groups | integer | Maximum number of groups supported when RFC 2307bis is enabled. |
| unique_member | string | RFC 2307bis uniqueMember attribute. |

template

The existing schema template you want to copy.

| Name | Type | Description |
|---|---|---|
| _links | _links | |
| name | string | The name of the schema. |

ldap_schema

| Name | Type | Description |
|---|---|---|
| _links | _links | |
| comment | string | Comment to associate with the schema. |
| global_schema | boolean | A global schema that can be used by all the SVMs. |
| name | string | The name of the schema being created, modified or deleted. |
| name_mapping | ldap_schema_name_mapping | |
| owner | owner | |
| rfc2307 | rfc2307 | |
| rfc2307bis | rfc2307bis | |
| scope | string | Scope of the entity. Set to "cluster" for cluster owned objects and to "svm" for SVM owned objects. |
| template | template | The existing schema template you want to copy. |

error_arguments

| Name | Type | Description |
|---|---|---|
| code | string | Argument code |
| message | string | Message argument |

error

| Name | Type | Description |
|---|---|---|
| arguments | array[error_arguments] | Message arguments |
| code | string | Error code |
| message | string | Error message |
| target | string | The target parameter that caused the error. |