LDAP endpoints
Sections
Use the v2 ds
(directory service) endpoint to get information about
the LDAP directory service connection.
Use the v1 LDAP endpoints to test the connection and replace LDAP settings.
GET /ds
Get information about your directory service. Authentication is required.
Request format
curl GET 'https://$(puppet config print server):4433/rbac-api/v2/ds' \
-H "X-Authentication:$(puppet-access show)"
Copied!
Response format
[
{
"id": "6e33eb78-820f-463a-a65c-e1ef291d59a8",
"help_link": "https://help.example.com",
"ssl": true,
"group_name_attr": "name",
"group_rdn": null,
"connect_timeout": 15,
"user_display_name_attr": "cn",
"disable_ldap_matching_rule_in_chain": false,
"ssl_hostname_validation": true,
"hostname": "ldap.example.com",
"base_dn": "dc=example,dc=com",
"user_lookup_attr": "uid",
"port": 636,
"login": "cn=ldapuser,ou=service,ou=users,dc=example,dc=com",
"group_lookup_attr": "cn",
"group_member_attr": "uniqueMember",
"ssl_wildcard_validation": false,
"user_email_attr": "mail",
"user_rdn": "ou=users",
"group_object_class": "groupOfUniqueNames",
"display_name": "Acme Corp Ldap server",
"search_nested_groups": true,
"start_tls": false
}
]
Copied!
Returns an empty array if no LDAP servers are configured.
You must have the directory_service:edit
permission
to view all fields; otherwise, only the display name of the directory server is
returned.
For information about each setting, refer to External directory settings.
For errors, refer to RBAC service errors.