Account (Section)#
Path: /facilities/data-sources/data-source{id}/ldap/account
Parameters#
| Name | Type | Required | Default | Description |
|---|---|---|---|---|
| ldap-attribute-to-fetch | multi-value, non-empty-string | optional | List of user-attributes that are requested as part of user authentication. | |
| account-id-attribute | string | optional | The attribute that the LDAP Directory Server returns, and is to be considered the account Id for the user entry. If nothing is set, ‘uid’ will be used for directory type ‘generic’, and sAMAccountName for ‘active-directory’ | |
| username-attribute | string | optional | The attribute that the LDAP Directory Server returns, and is to be considered the username for the user entry. If nothing is set, ‘uid’ will be used for directory type ‘generic’, and sAMAccountName for ‘active-directory’ | |
| search-filter-account-id | string | optional | The filter to use when searching for a user in the LDAP Directory Server by its account Id, i.e. ‘uid=’, or for active-directory it’s usually ‘sAMAccountName=’. If not set, will default to (<account-id-attribute>={}) | |
| search-filter-username | string | optional | The filter to use when searching for a user in the LDAP Directory Server by its username, i.e. ‘uid=’, or for active-directory it’s usually ‘sAMAccountName=’. If not set, will default to (<username-attribute>={}) | |
| search-filter-mail | string | optional | (mail={}) | The filter to use when searching for a user by its email address. The default is ‘(mail=)‘ |
| search-filter-phone | string | optional | (telephoneNumber={}) | The filter to use when searching for a user by its phone number. The default is ‘(telephoneNumber=)‘ |
| active-state-attribute | string | optional | carLicense | The attribute to use to store the active state of the account. When Active Directory the active state attribute will always be ‘userAccountControl’ and this setting is ignored. |
| active-state-attribute-value | non-empty-string | optional | true | The attribute value that indicates that the account is active (e.g., ‘ACTIVE’), Any other value will be treated as inactive.Ignored when Active Directory is used. |
| inactive-state-attribute-value | non-empty-string | optional | false | The attribute value that indicates that the account is inactive (e.g., ‘INACTIVE’). This is used when creating disabled accounts or disabling accounts through the user-management profile. Ignored when Active Directory is used. |
| mobile-phone-number-attribute | string | optional | telephoneNumber | The attribute where the mobile phone number is set. This is only required if the number used for authentication is stored in a different attribute than ‘telephoneNumber’ |
| email-attribute | string | optional | mail | The attribute where the email-address is set. This is only required if the email address used for authentication is stored in a different attribute than ‘mail’. |