Create an LDAP schema
POST /name-services/ldap-schemas
Introduced In: 9.11
Creates an LDAP schema.
Important notes
- To create a new schema, first create a copy of the default schemas provided by ONTAP and then modify the copy accordingly.
- If no value is specified for the owner.uuid or owner.name fields, the cserver UUID and name are used by default.
Related ONTAP commands
- vserver services name-service ldap client schema copy
Parameters
Name | Type | In | Required | Description |
---|---|---|---|---|
return_records | boolean | query | False | The default is false. If set to true, the records are returned. |
Request Body
Name | Type | Description |
---|---|---|
_links | | |
comment | string | Comment to associate with the schema. |
global_schema | boolean | A global schema that can be used by all the SVMs. |
name | string | The name of the schema being created, modified or deleted. |
name_mapping | | |
owner | | SVM, applies only to SVM-scoped objects. |
rfc2307 | | |
rfc2307bis | | |
scope | string | Scope of the entity. Set to "cluster" for cluster owned objects and to "svm" for SVM owned objects. |
template | | The existing schema template you want to copy. |
Example request
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "comment": "Schema based on Active Directory Services for UNIX (read-only).",
  "global_schema": 1,
  "name": "AD-SFU-v1",
  "name_mapping": {
    "account": {
      "unix": "windowsAccount",
      "windows": "windowsAccount"
    },
    "windows_to_unix": {
      "attribute": "windowsAccount",
      "no_domain_prefix": "",
      "object_class": "User"
    }
  },
  "owner": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  },
  "rfc2307": {
    "attribute": {
      "gecos": "name",
      "gid_number": "msSFU30GidNumber",
      "home_directory": "msSFU30HomeDirectory",
      "login_shell": "msSFU30LoginShell",
      "uid": "sAMAccountName",
      "uid_number": "msSFU30UidNumber",
      "user_password": "msSFU30Password"
    },
    "cn": {
      "group": "cn",
      "netgroup": "name"
    },
    "member": {
      "nis_netgroup": "msSFU30MemberNisNetgroup",
      "uid": "msSFU30MemberUid"
    },
    "nis": {
      "mapentry": "msSFU30NisMapEntry",
      "mapname": "msSFU30NisMapName",
      "netgroup": "msSFU30NisNetGroup",
      "netgroup_triple": "msSFU30MemberOfNisNetgroup",
      "object": "msSFU30NisObject"
    },
    "posix": {
      "account": "User",
      "group": "Group"
    }
  },
  "rfc2307bis": {
    "enabled": "",
    "group_of_unique_names": "groupOfUniqueNames",
    "maximum_groups": 256,
    "unique_member": "uniqueMember"
  },
  "scope": "string",
  "template": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "AD-SFU-v1"
  }
}
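As an added example (not NetApp's code), the Python helper below builds the POST request for copying a template schema and checks the body against the field types in the tables on this page before anything is sent. The host name, the schema name corp-ad-sfu and the helper names are assumptions; authentication is left to the caller, and the /api prefix is taken from the href values in the example request.

```python
import json
import urllib.request

# Boolean fields per the Request Body and Definitions tables on this page.
BOOLEAN_FIELDS = [("global_schema",), ("rfc2307bis", "enabled"),
                  ("name_mapping", "windows_to_unix", "no_domain_prefix")]

def _get(body, path):
    """Return the value at a nested key path, or None if a key is missing."""
    for key in path:
        if not isinstance(body, dict) or key not in body:
            return None
        body = body[key]
    return body

def validate_schema_body(body):
    """Return a list of mismatches against the documented field types."""
    problems = []
    # Helper policy (assumption): always copy a named template under a new name.
    if not isinstance(body.get("name"), str) or not body["name"]:
        problems.append("name: a non-empty string is required")
    if not isinstance(_get(body, ("template", "name")), str):
        problems.append("template.name: name the existing schema to copy")
    for path in BOOLEAN_FIELDS:
        value = _get(body, path)
        if value is not None and not isinstance(value, bool):
            problems.append(f"{'.'.join(path)}: expected boolean, got {value!r}")
    if body.get("scope") not in (None, "cluster", "svm"):
        problems.append(f"scope: expected 'cluster' or 'svm', got {body['scope']!r}")
    return problems

def build_create_request(host, body, return_records=False):
    """Build, without sending, the POST request; raise ValueError if invalid."""
    problems = validate_schema_body(body)
    if problems:
        raise ValueError("; ".join(problems))
    query = "?return_records=true" if return_records else ""
    return urllib.request.Request(
        f"https://{host}/api/name-services/ldap-schemas{query}",
        data=json.dumps(body).encode(),
        headers={"Content-Type": "application/json"},
        method="POST",
    )

# Constructed sample: copy AD-SFU-v1 under a hypothetical name. No owner is
# given, so the cserver UUID and name are used by default.
SAMPLE_BODY = {
    "name": "corp-ad-sfu",
    "template": {"name": "AD-SFU-v1"},
    "comment": "Copy of AD-SFU-v1 for site-specific changes",
}
```

Run against the placeholder values in the example request above (1, "" and "string"), validate_schema_body reports four type mismatches.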
Response
Status: 201, Created
Name | Type | Description |
---|---|---|
_links | | |
comment | string | Comment to associate with the schema. |
global_schema | boolean | A global schema that can be used by all the SVMs. |
name | string | The name of the schema being created, modified or deleted. |
name_mapping | | |
owner | | SVM, applies only to SVM-scoped objects. |
rfc2307 | | |
rfc2307bis | | |
scope | string | Scope of the entity. Set to "cluster" for cluster owned objects and to "svm" for SVM owned objects. |
template | | The existing schema template you want to copy. |
Example response
{
  "_links": {
    "self": {
      "href": "/api/resourcelink"
    }
  },
  "comment": "Schema based on Active Directory Services for UNIX (read-only).",
  "global_schema": 1,
  "name": "AD-SFU-v1",
  "name_mapping": {
    "account": {
      "unix": "windowsAccount",
      "windows": "windowsAccount"
    },
    "windows_to_unix": {
      "attribute": "windowsAccount",
      "no_domain_prefix": "",
      "object_class": "User"
    }
  },
  "owner": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "svm1",
    "uuid": "02c9e252-41be-11e9-81d5-00a0986138f7"
  },
  "rfc2307": {
    "attribute": {
      "gecos": "name",
      "gid_number": "msSFU30GidNumber",
      "home_directory": "msSFU30HomeDirectory",
      "login_shell": "msSFU30LoginShell",
      "uid": "sAMAccountName",
      "uid_number": "msSFU30UidNumber",
      "user_password": "msSFU30Password"
    },
    "cn": {
      "group": "cn",
      "netgroup": "name"
    },
    "member": {
      "nis_netgroup": "msSFU30MemberNisNetgroup",
      "uid": "msSFU30MemberUid"
    },
    "nis": {
      "mapentry": "msSFU30NisMapEntry",
      "mapname": "msSFU30NisMapName",
      "netgroup": "msSFU30NisNetGroup",
      "netgroup_triple": "msSFU30MemberOfNisNetgroup",
      "object": "msSFU30NisObject"
    },
    "posix": {
      "account": "User",
      "group": "Group"
    }
  },
  "rfc2307bis": {
    "enabled": "",
    "group_of_unique_names": "groupOfUniqueNames",
    "maximum_groups": 256,
    "unique_member": "uniqueMember"
  },
  "scope": "string",
  "template": {
    "_links": {
      "self": {
        "href": "/api/resourcelink"
      }
    },
    "name": "AD-SFU-v1"
  }
}
Headers
Name | Description | Type |
---|---|---|
Location | Useful for tracking the resource location | string |
Error
Status: Default
ONTAP Error Response Codes
Error Code | Description |
---|---|
2621706 | The specified SVM UUID is incorrect for the specified SVM name. |
4915221 | LDAP schema name in use in data SVM. |
4915222 | LDAP schema name in use in admin SVM. |

Name | Type | Description |
---|---|---|
error | | |
Example error
{
  "error": {
    "arguments": [
      {
        "code": "string",
        "message": "string"
      }
    ],
    "code": "4",
    "message": "entry doesn't exist",
    "target": "uuid"
  }
}
Definitions
href
Name | Type | Description |
---|---|---|
href | string | |
_links
Name | Type | Description |
---|---|---|
self | | |
ldap_schema_account
Name | Type | Description |
---|---|---|
unix | string | Attribute name used to retrieve UNIX account information. |
windows | string | Attribute name used to retrieve Windows account information for a UNIX user account. |
windows_to_unix
Name | Type | Description |
---|---|---|
attribute | string | Attribute name used to retrieve the UNIX account information for a Windows user account. |
no_domain_prefix | boolean | Indicates whether or not the name for Windows to UNIX name mapping should have a domain prefix. |
object_class | string | Name used to represent the windowsToUnix object class. |
ldap_schema_name_mapping
Name | Type | Description |
---|---|---|
account | | |
windows_to_unix | | |
owner
SVM, applies only to SVM-scoped objects.
Name | Type | Description |
---|---|---|
_links | | |
name | string | The name of the SVM. This field cannot be specified in a PATCH method. |
uuid | string | The unique identifier of the SVM. This field cannot be specified in a PATCH method. |
attribute
Name | Type | Description |
---|---|---|
gecos | string | RFC 2307 gecos attribute. |
gid_number | string | RFC 2307 gidNumber attribute. |
home_directory | string | RFC 2307 homeDirectory attribute. |
login_shell | string | RFC 2307 loginShell attribute. |
uid | string | RFC 1274 userid attribute used by RFC 2307 as UID. |
uid_number | string | RFC 2307 uidNumber attribute. |
user_password | string | RFC 2256 userPassword attribute used by RFC 2307. |
cn
Name | Type | Description |
---|---|---|
group | string | RFC 2256 cn attribute used by RFC 2307 when working with groups. |
netgroup | string | RFC 2256 cn attribute used by RFC 2307 when working with netgroups. |
member
Name | Type | Description |
---|---|---|
nis_netgroup | string | RFC 2307 memberNisNetgroup attribute. |
uid | string | RFC 2307 memberUid attribute. |
nis
Name | Type | Description |
---|---|---|
mapentry | string | RFC 2307 nisMapEntry attribute. |
mapname | string | RFC 2307 nisMapName attribute. |
netgroup | string | RFC 2307 nisNetgroup object class. |
netgroup_triple | string | RFC 2307 nisNetgroupTriple attribute. |
object | string | RFC 2307 nisObject object class. |
posix
Name | Type | Description |
---|---|---|
account | string | RFC 2307 posixAccount object class. |
group | string | RFC 2307 posixGroup object class. |
rfc2307
Name | Type | Description |
---|---|---|
attribute | | |
cn | | |
member | | |
nis | | |
posix | | |
rfc2307bis
Name | Type | Description |
---|---|---|
enabled | boolean | Indicates whether RFC 2307bis is enabled for the client schema. |
group_of_unique_names | string | RFC 2307bis groupOfUniqueNames object class. |
maximum_groups |