aam authentication server ldap instance

Configure an authentication-server instance for a Lightweight Directory Access Protocol (LDAP) server.

instance Specification

Type Collection
Object Key(s) name
Collection Name instance-list
Collection URI /axapi/v3/aam/authentication/server/ldap/instance/
Element Name instance
Element URI /axapi/v3/aam/authentication/server/ldap/instance/{name}
Element Attributes instance_attributes
Statistics Data URI /axapi/v3/aam/authentication/server/ldap/instance/{name}/stats
Schema instance schema

Operations Allowed:

Operation Method URI Payload

Create Object

POST

/axapi/v3/aam/authentication/server/ldap/instance/

instance Attributes

Create List

POST

/axapi/v3/aam/authentication/server/ldap/instance/

instance Attributes

Get Object

GET

/axapi/v3/aam/authentication/server/ldap/instance/{name}

instance Attributes

Get List

GET

/axapi/v3/aam/authentication/server/ldap/instance/

instance-list

Modify Object

POST

/axapi/v3/aam/authentication/server/ldap/instance/{name}

instance Attributes

Replace Object

PUT

/axapi/v3/aam/authentication/server/ldap/instance/{name}

instance Attributes

Replace List

PUT

/axapi/v3/aam/authentication/server/ldap/instance/

instance-list

Delete Object

DELETE

/axapi/v3/aam/authentication/server/ldap/instance/{name}

instance Attributes

Get Stats

GET

/axapi/v3/aam/authentication/server/ldap/instance/{name}/stats

stats data

instance-list

instance-list is JSON List of instance Attributes

instance-list : [

instance Attributes

admin-dn

Description: The Distinguished Name (DN) of the LDAP admin account that is required to access the server (1-127 characters).

Type: string

Format: string-rlx

admin-secret

Description: Enable the use of an admin secret password.

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

base

Description: LDAP server’s search base.

Type: string

Format: string-rlx

bind-with-dn

Description: Enable the enforcement of using DN for LDAP binding.

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

default-domain

Description: Default domain for LDAP (cannot include “”).

Type: string

derive-bind-dn

Description: derive-bind-dn is a JSON Block . Please see below for derive-bind-dn

Type: Object

dn-attribute

Description: Specify Distinguished Name attribute.

Type: string

Format: string-rlx

Default: cn

encrypted

Description: Do NOT use this option manually. (This is an A10 reserved keyword.) (The ENCRYPTED secret string)

health-check

Description: Enable the server’s health check status. health-check and health-check-disable are mutually exclusive, so you will only configure one or the other.

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check and health-check-disable are mutually exclusive

health-check-disable

Description: Disable the configured health check configuration. health-check and health-check-disable are mutually exclusive, so you will only configure one or the other.

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check-disable and health-check are mutually exclusive

health-check-string

Description: Specify the name of an existing health check monitor. For use with health-check .

Type: string

Reference Object: /axapi/v3/health/monitor

host

Description: host is a JSON Block . Please see below for host

Type: Object

name

Description: Specify the LDAP authentication server name.

Type: string

Format: string-rlx

Required: Yes

port

Description: Protocol port on which the server listens for LDAP traffic.

Type: number

Range: 1-65534

Default: 389

port-hm

Description: Check port’s health status

Type: string

Mutual Exclusion: port-hm and port-hm-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

port-hm-disable

Description: Disable configured port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: port-hm-disable and port-hm are mutually exclusive

pwdmaxage

Description: Maximum amount of time in seconds that an end-user’s password can be cached. Use 0 seconds for no expiration.

Type: number

Range: 0-4294967295

Default: 0

sampling-enable

Description: sampling-enable is a JSON List . Please see below for sampling-enable

Type: List

secret-string

Description: Admin secret password.

Type: string

Format: password

timeout

Description: Maximum number of seconds the ACOS device waits for the LDAP server to respond to a request. If a request times out, the ACOS device aborts that request.

Type: number

Range: 1-255

Default: 10

uuid

Description: uuid of the object

Type: string

host

Specification
Type object

hostip

Description: Hostname or IPv4 address of the LDAP server.

Type: string

Format: host

Mutual Exclusion: hostip and hostipv6 are mutually exclusive

hostipv6

Description: IPv6 address of the LDAP server.

Type: string

Format: ipv6-address

Mutual Exclusion: hostipv6 and hostip are mutually exclusive

sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘admin-bind-success’: Admin Bind Success; ‘admin-bind-failure’: Admin Bind Failure; ‘bind-success’: User Bind Success; ‘bind-failure’: User Bind Failure; ‘search-success’: Search Success; ‘search-failure’: Search Failure; ‘authorize-success’: Authorization Success; ‘authorize-failure’: Authorization Failure; ‘timeout-error’: Timeout; ‘other-error’: Other Error; ‘request’: Request;

Type: string

Supported Values: all, admin-bind-success, admin-bind-failure, bind-success, bind-failure, search-success, search-failure, authorize-success, authorize-failure, timeout-error, other-error, request

derive-bind-dn

Specification
Type object

username-attr

Description: Specify the attribute name of username.

Type: string

Format: string-rlx

stats data

Counter Size Description
bind-failure 8 User Bind Failure
authorize-failure 8 Authorization Failure
admin-bind-failure 8 Admin Bind Failure
authorize-success 8 Authorization Success
timeout-error 8 Timeout
request 8 Request
admin-bind-success 8 Admin Bind Success
search-success 8 Search Success
other-error 8 Other Error
bind-success 8 User Bind Success
search-failure 8 Search Failure