REST API reference
A newer release of this product is available.
Name-services LDAP endpoint overview
Contributors
Suggest changes
PDFs
Overview
LDAP servers are used to centrally maintain user information. LDAP configurations must be set up to lookup information stored in the LDAP directory on the external LDAP servers. This API is used to retrieve and manage LDAP server configurations.
Retrieving LDAP information
The LDAP GET endpoint retrieves all of the LDAP configurations in the cluster.
Examples
Retrieving all of the fields for all LDAP configurations
# The API:
/api/name-services/ldap
# The call:
curl -X GET "https://<mgmt-ip>/api/name-services/ldap?fields=*" -H "accept: application/hal+json"
# The response:
{
"records": [
{
"svm": {
"uuid": "179d3c85-7053-11e8-b9b8-005056b41bd1",
"name": "vs1"
"_links": {
"self": {
"href": "/api/svm/svms/179d3c85-7053-11e8-b9b8-005056b41bd1"
}
}
},
"servers": [
"10.10.10.10",
"domainB.example.com"
],
"schema": "ad_idmu",
"port": 389,
"min_bind_level": "anonymous",
"bind_dn": "cn=Administrators,cn=users,dc=domainA,dc=example,dc=com",
"base_dn": "dc=domainA,dc=example,dc=com",
"base_scope": "subtree",
"use_start_tls": true,
"session_security": "none",
"_links": {
"self": {
"href": "/api/name-services/ldap/179d3c85-7053-11e8-b9b8-005056b41bd1"
}
}
},
{
"svm": {
"uuid": "6a52023b-7066-11e8-b9b8-005056b41bd1",
"name": "vs2"
"_links": {
"self": {
"href": "/api/svm/svms/6a52023b-7066-11e8-b9b8-005056b41bd1"
}
}
},
"servers": [
"11.11.11.11"
],
"schema": "rfc_2307",
"port": 389,
"min_bind_level": "simple",
"bind_dn": "cn=Administrators,cn=users,dc=domainB,dc=example,dc=com",
"base_dn": "dc=domainB,dc=example,dc=com",
"base_scope": "subtree",
"use_start_tls": true,
"session_security": "sign",
"_links": {
"self": {
"href": "/api/name-services/ldap/6a52023b-7066-11e8-b9b8-005056b41bd1"
}
}
}
],
"num_records": 2,
"_links": {
"self": {
"href": "/api/name-services/ldap?fields=*"
}
}
}
Retrieving all of the LDAP configurations that have the use_start_tls set to true
# The API:
/api/name-services/ldap
# The call:
curl -X GET "https://<mgmt-ip>/api/name-services/ldap?use_start_tls=true" -H "accept: application/hal+json"
# The response:
{
"records": [
{
"svm": {
"uuid": "6a52023b-7066-11e8-b9b8-005056b41bd1",
"name": "vs2"
"_links": {
"self": {
"href": "/api/svm/svms/6a52023b-7066-11e8-b9b8-005056b41bd1"
}
}
},
"use_start_tls": true,
"_links": {
"self": {
"href": "/api/name-services/ldap/6a52023b-7066-11e8-b9b8-005056b41bd1"
}
}
}
],
"num_records": 1,
"_links": {
"self": {
"href": "/api/name-services/ldap?use_start_tls=true"
}
}
}
Retrieving the LDAP configuration of a specific SVM
# The API:
/api/name-services/ldap/{svm.uuid}
# The call:
curl -X GET "https://<mgmt-ip>/api/name-services/ldap/179d3c85-7053-11e8-b9b8-005056b41bd1" -H "accept: application/json"
# The response:
{
"svm": {
"uuid": "179d3c85-7053-11e8-b9b8-005056b41bd1",
"name": "vs1"
"_links": {
"self": {
"href": "/api/svm/svms/179d3c85-7053-11e8-b9b8-005056b41bd1"
}
}
},
"servers": [
"10.10.10.10",
"domainB.example.com"
],
"schema": "ad_idmu",
"port": 389,
"min_bind_level": "anonymous",
"bind_dn": "cn=Administrators,cn=users,dc=domainA,dc=example,dc=com",
"base_dn": "dc=domainA,dc=example,dc=com",
"base_scope": "subtree",
"use_start_tls": true,
"session_security": "none",
"_links": {
"self": {
"href": "/api/name-services/ldap/179d3c85-7053-11e8-b9b8-005056b41bd1"
}
}
}
Creating an LDAP configuration
The LDAP POST endpoint creates an LDAP configuration for the specified SVM.
Examples
Creating an LDAP configuration with all the fields specified
# The API:
/api/name-services/ldap
# The call:
curl -X POST "https://<mgmt-ip>/api/name-services/ldap" -H "accept: application/hal+json" -H "Content-Type: application/json" -d "{ \"svm\": { \"uuid\": \"179d3c85-7053-11e8-b9b8-005056b41bd1\" }, \"servers\": [ \"10.10.10.10\"\, \"domainB.example.com\" ], \"schema\": \"ad_idmu\", \"port\": 389, \"min_bind_level\": \"anonymous\", \"bind_dn\": \"cn=Administrators,cn=users,dc=domainA,dc=example,dc=com\", \"bind_password\": \"abc\", \"base_dn\": \"dc=domainA,dc=example,dc=com\", \"base_scope\": \"subtree\", \"use_start_tls\": false, \"session_security\": \"none\"}"
Creating an LDAP configuration with Active Directory domain and preferred Active Directory servers specified
# The API:
/api/name-services/ldap
# The call:
curl -X POST "https://<mgmt-ip>/api/name-services/ldap" -H "accept: application/hal+json" -H "Content-Type: application/json" -d "{ \"svm\": { \"name\": \"vs2\" }, \"ad_domain\": \"domainA.example.com\", \"preferred_ad_servers\": [ \"11.11.11.11\" ], \"port\": 389, \"bind_dn\": \"cn=Administrators,cn=users,dc=domainA,dc=example,dc=com\", \"bind_password\": \"abc\", \"base_dn\": \"dc=domainA,dc=example,dc=com\", \"session_security\": \"none\"}"
Creating an LDAP configuration with a number of optional fields not specified
# The API:
/api/name-services/ldap
# The call:
curl -X POST "https://<mgmt-ip>/api/name-services/ldap" -H "accept: application/hal+json" -H "Content-Type: application/json" -d "{ \"svm\": { \"name\": \"vs2\" }, \"servers\": [ \"11.11.11.11\" ], \"port\": 389, \"bind_dn\": \"cn=Administrators,cn=users,dc=domainA,dc=example,dc=com\", \"bind_password\": \"abc\", \"base_dn\": \"dc=domainA,dc=example,dc=com\", \"session_security\": \"none\"}"
Updating an LDAP configuration
The LDAP PATCH endpoint updates the LDAP configuration for the specified SVM. The following example shows a PATCH operation:
# The API:
/api/name-services/ldap/{svm.uuid}
# The call:
curl -X PATCH "https://<mgmt-ip>/api/name-services/ldap/179d3c85-7053-11e8-b9b8-005056b41bd1" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"servers\": [ \"55.55.55.55\" ], \"schema\": \"ad_idmu\", \"port\": 636, \"use_start_tls\": false }"
Deleting an LDAP configuration
The LDAP DELETE endpoint deletes the LDAP configuration for the specified SVM. The following example shows a DELETE operation:
# The API:
/api/name-services/ldap/{svm.uuid}
# The call:
curl -X DELETE "https://<mgmt-ip>/api/name-services/ldap/179d3c85-7053-11e8-b9b8-005056b41bd1" -H "accept: application/hal+json"