SunDSWithOpenAMSchema
Realm Operations
Resource path:
/realm-config/services/id-repositories/LDAPv3ForAMDS
Resource version: 1.0
create
Usage
am> create SunDSWithOpenAMSchema --realm Realm --id id --body body
Parameters
- --id
-
The unique identifier for the resource.
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "userconfig" : { "type" : "object", "title" : "User Configuration", "propertyOrder" : 3, "properties" : { "sun-idrepo-ldapv3-config-users-search-attribute" : { "title" : "LDAP Users Search Attribute", "description" : "", "propertyOrder" : 2100, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-createuser-attr-mapping" : { "title" : "Create User Attribute Mapping", "description" : "Format: attribute name or TargetAttributeName=SourceAttributeName", "propertyOrder" : 2500, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-auth-kba-index-attr" : { "title" : "Knowledge Based Authentication Active Index", "description" : "", "propertyOrder" : 5400, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-people-container-name" : { "title" : "LDAP People Container Naming Attribute", "description" : "", "propertyOrder" : 5000, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-isactive" : { "title" : "Attribute Name of User Status", "description" : "", "propertyOrder" : 2600, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-active" : { "title" : "User Status Active Value", "description" : "", "propertyOrder" : 2700, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-user-objectclass" : { "title" : "LDAP User Object Class", "description" : "", "propertyOrder" : 2300, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-user-attributes" : { "title" : "LDAP User Attributes", "description" : "", "propertyOrder" : 2400, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-users-search-filter" : { "title" : "LDAP Users Search Filter", "description" : "", "propertyOrder" : 2200, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-people-container-value" : { "title" : "LDAP People Container Value", "description" : "", "propertyOrder" : 5100, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-auth-kba-attr" : { "title" : "Knowledge Based Authentication Attribute Name", "description" : "", "propertyOrder" : 5300, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-inactive" : { "title" : "User Status Inactive Value", "description" : "", "propertyOrder" : 2800, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-auth-kba-attempts-attr" : { "title" : "Knowledge Based Authentication Attempts Attribute Name", "description" : "", "propertyOrder" : 5410, "required" : false, "type" : "string", "exampleValue" : "" } } }, "groupconfig" : { "type" : "object", "title" : "Group Configuration", "propertyOrder" : 5, "properties" : { "sun-idrepo-ldapv3-config-groups-search-attribute" : { "title" : "LDAP Groups Search Attribute", "description" : "", "propertyOrder" : 2900, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-uniquemember" : { "title" : "Attribute Name of Unique Member", "description" : "", "propertyOrder" : 3600, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-memberof" : { "title" : "Attribute Name for Group Membership", "description" : "", "propertyOrder" : 3500, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-group-container-name" : { "title" : "LDAP Groups Container Naming Attribute", "description" : "", "propertyOrder" : 3100, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-groups-search-filter" : { "title" : "LDAP Groups Search Filter", "description" : "", "propertyOrder" : 3000, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-group-attributes" : { "title" : "LDAP Groups Attributes", "description" : "", "propertyOrder" : 3400, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-group-objectclass" : { "title" : "LDAP Groups Object Class", "description" : "", "propertyOrder" : 3300, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-memberurl" : { "title" : "Attribute Name of Group Member URL", "description" : "", "propertyOrder" : 3700, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-group-container-value" : { "title" : "LDAP Groups Container Value", "description" : "", "propertyOrder" : 3200, "required" : false, "type" : "string", "exampleValue" : "" } } }, "ldapsettings" : { "type" : "object", "title" : "Server Settings", "propertyOrder" : 0, "properties" : { "sun-idrepo-ldapv3-config-connection_pool_max_size" : { "title" : "LDAP Connection Pool Maximum Size", "description" : "", "propertyOrder" : 1200, "required" : false, "type" : "integer", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-ldap-server" : { "title" : "LDAP Server", "description" : "Format: LDAP server host name:port | server_ID | site_ID", "propertyOrder" : 600, "required" : true, "items" : { "type" : "string" }, "minItems" : 1, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-max-result" : { "title" : "Maximum Results Returned from Search", "description" : "", "propertyOrder" : 1500, "required" : false, "type" : "integer", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-connection_pool_min_size" : { "title" : "LDAP Connection Pool Minimum Size", "description" : "", "propertyOrder" : 1100, "required" : false, "type" : "integer", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-authid" : { "title" : "LDAP Bind DN", "description" : "A user or admin with sufficient access rights to perform the supported operations.", "propertyOrder" : 700, "required" : false, "type" : "string", "exampleValue" : "" }, "openam-idrepo-ldapv3-heartbeat-timeunit" : { "title" : "LDAP Connection Heartbeat Time Unit", "description" : "Defines the time unit corresponding to the Heartbeat Interval setting.<br><br>This setting controls how often OpenAM <b>should</b> send a heartbeat search request to the configured directory. If a connection becomes unresponsive (e.g. due to a network error) then it may take up to the interval period before the problem is detected. Use along with the Heartbeat Interval parameter to define the exact interval.", "propertyOrder" : 1400, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-organization_name" : { "title" : "LDAP Organization DN", "description" : "", "propertyOrder" : 900, "required" : true, "type" : "string", "exampleValue" : "" }, "openam-idrepo-ldapv3-affinity-enabled" : { "title" : "Affinity Enabled", "description" : "Enables affinity based request load balancing when accessing the user store servers (based on DN). It is imperative that the connection string setting is set to the same value for all OpenAM servers in the deployment when this feature is enabled.", "propertyOrder" : 6200, "required" : true, "type" : "boolean", "exampleValue" : "" }, "openam-idrepo-ldapv3-heartbeat-interval" : { "title" : "LDAP Connection Heartbeat Interval", "description" : "Specifies how often should OpenAM send a heartbeat request to the directory.<br><br>This setting controls how often OpenAM <b>should</b> send a heartbeat search request to the configured directory. If a connection becomes unresponsive (e.g. due to a network error) then it may take up to the interval period before the problem is detected. Use along with the Heartbeat Time Unit parameter to define the exact interval. Zero or negative value will result in disabling heartbeat requests.", "propertyOrder" : 1300, "required" : false, "type" : "integer", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-search-scope" : { "title" : "LDAPv3 Plug-in Search Scope", "description" : "", "propertyOrder" : 2000, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-connection-mode" : { "title" : "LDAP Connection Mode", "description" : "Defines which protocol/operation is used to establish the connection to the LDAP Directory Server.<br><br>If 'LDAP' is selected, the connection <b>won't be secured</b> and passwords are transferred in <b>cleartext</b> over the network.<br/> If 'LDAPS' is selected, the connection is secured via SSL or TLS. <br/> If 'StartTLS' is selected, the connection is secured by using StartTLS extended operation.", "propertyOrder" : 1000, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-time-limit" : { "title" : "Search Timeout", "description" : "In seconds.", "propertyOrder" : 1600, "required" : false, "type" : "integer", "exampleValue" : "" }, "openam-idrepo-ldapv3-keepalive-searchfilter" : { "title" : "LDAP Connection Heartbeat Search Filter", "description" : "Defines the search filter to the KeepAlive and Availability Search request.<br><br>This setting controls the search filter to the KeepAlive and Availability search request. The default value for search filter is \"(objectClass=*)\". The Absolute True and False filter \"(&)\" can also be used. The LDAP server connection pool will be marked as unavailable if the search fails with an error, returns no entries, or if more than one entry is returned.", "propertyOrder" : 1302, "required" : false, "type" : "string", "exampleValue" : "" }, "openam-idrepo-ldapv3-behera-support-enabled" : { "title" : "Behera Support Enabled", "description" : "When enabled, Behera draft control will be used in the outgoing requests for operations that may modify password value. This will allow OpenAM to display password policy related error messages when password policies are not met.", "propertyOrder" : 6100, "required" : false, "type" : "boolean", "exampleValue" : "" }, "openam-idrepo-ldapv3-keepalive-searchbase" : { "title" : "LDAP Connection Heartbeat Search Base", "description" : "Defines the search base to the KeepAlive and Availability Search request.<br><br>This setting controls the search base to the KeepAlive and Availability search request. The default value for search base DN is \"\". The LDAP server connection pool will be marked as unavailable if the search fails with an error, returns no entries, or if more than one entry is returned.", "propertyOrder" : 1301, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-authpw" : { "title" : "LDAP Bind Password", "description" : "", "propertyOrder" : 800, "required" : false, "type" : "string", "format" : "password", "exampleValue" : "" } } }, "roleconfig" : { "type" : "object", "title" : "Role Configuration", "propertyOrder" : 6, "properties" : { "sun-idrepo-ldapv3-config-nsrolefilter" : { "title" : "Attribute Name of Filtered Role Filter", "description" : "", "propertyOrder" : 4900, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-nsroledn" : { "title" : "Attribute Name of Role Membership.", "description" : "", "propertyOrder" : 4800, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-filterroles-search-attribute" : { "title" : "LDAP Filter Roles Search Attribute", "description" : "", "propertyOrder" : 4300, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-nsrole" : { "title" : "Attribute Name for Filtered Role Membership", "description" : "", "propertyOrder" : 4700, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-filterrole-objectclass" : { "title" : "LDAP Filter Roles Object Class", "description" : "", "propertyOrder" : 4500, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-filterrole-attributes" : { "title" : "LDAP Filter Roles Attributes", "description" : "", "propertyOrder" : 4600, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-roles-search-attribute" : { "title" : "LDAP Roles Search Attribute", "description" : "", "propertyOrder" : 3900, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-role-objectclass" : { "title" : "LDAP Roles Object Class", "description" : "", "propertyOrder" : 4100, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-roles-search-filter" : { "title" : "LDAP Roles Search Filter", "description" : "", "propertyOrder" : 4000, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-role-attributes" : { "title" : "LDAP Roles Attributes", "description" : "", "propertyOrder" : 4200, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-filterroles-search-filter" : { "title" : "LDAP Filter Roles Search Filter", "description" : "", "propertyOrder" : 4400, "required" : false, "type" : "string", "exampleValue" : "" } } }, "pluginconfig" : { "type" : "object", "title" : "Plug-in Configuration", "propertyOrder" : 2, "properties" : { "sunIdRepoSupportedOperations" : { "title" : "LDAPv3 Plug-in Supported Types and Operations", "description" : "", "propertyOrder" : 1900, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sunIdRepoClass" : { "title" : "LDAPv3 Repository Plug-in Class Name", "description" : "", "propertyOrder" : 1700, "required" : true, "type" : "string", "exampleValue" : "" }, "sunIdRepoAttributeMapping" : { "title" : "Attribute Name Mapping", "description" : "", "propertyOrder" : 1800, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" } } }, "persistentsearch" : { "type" : "object", "title" : "Persistent Search Controls", "propertyOrder" : 7, "properties" : { "sun-idrepo-ldapv3-config-psearch-scope" : { "title" : "Persistent Search Scope", "description" : "", "propertyOrder" : 5700, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-psearchbase" : { "title" : "Persistent Search Base DN", "description" : "", "propertyOrder" : 5500, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-psearch-filter" : { "title" : "Persistent Search Filter", "description" : "", "propertyOrder" : 5600, "required" : false, "type" : "string", "exampleValue" : "" } } }, "errorhandling" : { "type" : "object", "title" : "Error Handling Configuration", "propertyOrder" : 8, "properties" : { "com.iplanet.am.ldap.connection.delay.between.retries" : { "title" : "The Delay Time Between Retries", "description" : "In milliseconds.", "propertyOrder" : 5800, "required" : false, "type" : "integer", "exampleValue" : "" } } }, "cachecontrol" : { "type" : "object", "title" : "Cache Control", "propertyOrder" : 9, "properties" : { "sun-idrepo-ldapv3-dncache-size" : { "title" : "DN Cache Size", "description" : "In DN items, only used when DN Cache is enabled.", "propertyOrder" : 6000, "required" : false, "type" : "integer", "exampleValue" : "" }, "sun-idrepo-ldapv3-dncache-enabled" : { "title" : "DN Cache", "description" : "Used to enable/disable the DN Cache within the OpenAM repository implementation.<br><br>The DN Cache is used to cache DN lookups which tend to happen in bursts during authentication. The DN Cache can become out of date when a user is moved or renamed in the underlying LDAP store and this is not reflected in a persistent search result. Enable when the underlying LDAP store supports persistent search and move/rename (mod_dn) results are available.", "propertyOrder" : 5900, "required" : false, "type" : "boolean", "exampleValue" : "" } } }, "authentication" : { "type" : "object", "title" : "Authentication Configuration", "propertyOrder" : 4, "properties" : { "sun-idrepo-ldapv3-config-auth-naming-attr" : { "title" : "Authentication Naming Attribute", "description" : "", "propertyOrder" : 5200, "required" : false, "type" : "string", "exampleValue" : "" } } } } }
delete
Usage
am> delete SunDSWithOpenAMSchema --realm Realm --id id
Parameters
- --id
-
The unique identifier for the resource.
getAllTypes
Obtain the collection of all secondary configuration types related to the resource.
Usage
am> action SunDSWithOpenAMSchema --realm Realm --actionName getAllTypes
getCreatableTypes
Obtain the collection of secondary configuration types that have yet to be added to the resource.
Usage
am> action SunDSWithOpenAMSchema --realm Realm --actionName getCreatableTypes
nextdescendents
Obtain the collection of secondary configuration instances that have been added to the resource.
Usage
am> action SunDSWithOpenAMSchema --realm Realm --actionName nextdescendents
query
Get the full list of instances of this collection. This query only supports _queryFilter=true filter.
Usage
am> query SunDSWithOpenAMSchema --realm Realm --filter filter
Parameters
- --filter
-
A CREST formatted query filter, where "true" will query all.
read
Usage
am> read SunDSWithOpenAMSchema --realm Realm --id id
Parameters
- --id
-
The unique identifier for the resource.
update
Usage
am> update SunDSWithOpenAMSchema --realm Realm --id id --body body
Parameters
- --id
-
The unique identifier for the resource.
- --body
-
The resource in JSON format, described by the following JSON schema:
{ "type" : "object", "properties" : { "userconfig" : { "type" : "object", "title" : "User Configuration", "propertyOrder" : 3, "properties" : { "sun-idrepo-ldapv3-config-users-search-attribute" : { "title" : "LDAP Users Search Attribute", "description" : "", "propertyOrder" : 2100, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-createuser-attr-mapping" : { "title" : "Create User Attribute Mapping", "description" : "Format: attribute name or TargetAttributeName=SourceAttributeName", "propertyOrder" : 2500, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-auth-kba-index-attr" : { "title" : "Knowledge Based Authentication Active Index", "description" : "", "propertyOrder" : 5400, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-people-container-name" : { "title" : "LDAP People Container Naming Attribute", "description" : "", "propertyOrder" : 5000, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-isactive" : { "title" : "Attribute Name of User Status", "description" : "", "propertyOrder" : 2600, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-active" : { "title" : "User Status Active Value", "description" : "", "propertyOrder" : 2700, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-user-objectclass" : { "title" : "LDAP User Object Class", "description" : "", "propertyOrder" : 2300, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-user-attributes" : { "title" : "LDAP User Attributes", "description" : "", "propertyOrder" : 2400, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-users-search-filter" : { "title" : "LDAP Users Search Filter", "description" : "", "propertyOrder" : 2200, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-people-container-value" : { "title" : "LDAP People Container Value", "description" : "", "propertyOrder" : 5100, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-auth-kba-attr" : { "title" : "Knowledge Based Authentication Attribute Name", "description" : "", "propertyOrder" : 5300, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-inactive" : { "title" : "User Status Inactive Value", "description" : "", "propertyOrder" : 2800, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-auth-kba-attempts-attr" : { "title" : "Knowledge Based Authentication Attempts Attribute Name", "description" : "", "propertyOrder" : 5410, "required" : false, "type" : "string", "exampleValue" : "" } } }, "groupconfig" : { "type" : "object", "title" : "Group Configuration", "propertyOrder" : 5, "properties" : { "sun-idrepo-ldapv3-config-groups-search-attribute" : { "title" : "LDAP Groups Search Attribute", "description" : "", "propertyOrder" : 2900, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-uniquemember" : { "title" : "Attribute Name of Unique Member", "description" : "", "propertyOrder" : 3600, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-memberof" : { "title" : "Attribute Name for Group Membership", "description" : "", "propertyOrder" : 3500, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-group-container-name" : { "title" : "LDAP Groups Container Naming Attribute", "description" : "", "propertyOrder" : 3100, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-groups-search-filter" : { "title" : "LDAP Groups Search Filter", "description" : "", "propertyOrder" : 3000, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-group-attributes" : { "title" : "LDAP Groups Attributes", "description" : "", "propertyOrder" : 3400, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-group-objectclass" : { "title" : "LDAP Groups Object Class", "description" : "", "propertyOrder" : 3300, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-memberurl" : { "title" : "Attribute Name of Group Member URL", "description" : "", "propertyOrder" : 3700, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-group-container-value" : { "title" : "LDAP Groups Container Value", "description" : "", "propertyOrder" : 3200, "required" : false, "type" : "string", "exampleValue" : "" } } }, "ldapsettings" : { "type" : "object", "title" : "Server Settings", "propertyOrder" : 0, "properties" : { "sun-idrepo-ldapv3-config-connection_pool_max_size" : { "title" : "LDAP Connection Pool Maximum Size", "description" : "", "propertyOrder" : 1200, "required" : false, "type" : "integer", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-ldap-server" : { "title" : "LDAP Server", "description" : "Format: LDAP server host name:port | server_ID | site_ID", "propertyOrder" : 600, "required" : true, "items" : { "type" : "string" }, "minItems" : 1, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-max-result" : { "title" : "Maximum Results Returned from Search", "description" : "", "propertyOrder" : 1500, "required" : false, "type" : "integer", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-connection_pool_min_size" : { "title" : "LDAP Connection Pool Minimum Size", "description" : "", "propertyOrder" : 1100, "required" : false, "type" : "integer", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-authid" : { "title" : "LDAP Bind DN", "description" : "A user or admin with sufficient access rights to perform the supported operations.", "propertyOrder" : 700, "required" : false, "type" : "string", "exampleValue" : "" }, "openam-idrepo-ldapv3-heartbeat-timeunit" : { "title" : "LDAP Connection Heartbeat Time Unit", "description" : "Defines the time unit corresponding to the Heartbeat Interval setting.<br><br>This setting controls how often OpenAM <b>should</b> send a heartbeat search request to the configured directory. If a connection becomes unresponsive (e.g. due to a network error) then it may take up to the interval period before the problem is detected. Use along with the Heartbeat Interval parameter to define the exact interval.", "propertyOrder" : 1400, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-organization_name" : { "title" : "LDAP Organization DN", "description" : "", "propertyOrder" : 900, "required" : true, "type" : "string", "exampleValue" : "" }, "openam-idrepo-ldapv3-affinity-enabled" : { "title" : "Affinity Enabled", "description" : "Enables affinity based request load balancing when accessing the user store servers (based on DN). It is imperative that the connection string setting is set to the same value for all OpenAM servers in the deployment when this feature is enabled.", "propertyOrder" : 6200, "required" : true, "type" : "boolean", "exampleValue" : "" }, "openam-idrepo-ldapv3-heartbeat-interval" : { "title" : "LDAP Connection Heartbeat Interval", "description" : "Specifies how often should OpenAM send a heartbeat request to the directory.<br><br>This setting controls how often OpenAM <b>should</b> send a heartbeat search request to the configured directory. If a connection becomes unresponsive (e.g. due to a network error) then it may take up to the interval period before the problem is detected. Use along with the Heartbeat Time Unit parameter to define the exact interval. Zero or negative value will result in disabling heartbeat requests.", "propertyOrder" : 1300, "required" : false, "type" : "integer", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-search-scope" : { "title" : "LDAPv3 Plug-in Search Scope", "description" : "", "propertyOrder" : 2000, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-connection-mode" : { "title" : "LDAP Connection Mode", "description" : "Defines which protocol/operation is used to establish the connection to the LDAP Directory Server.<br><br>If 'LDAP' is selected, the connection <b>won't be secured</b> and passwords are transferred in <b>cleartext</b> over the network.<br/> If 'LDAPS' is selected, the connection is secured via SSL or TLS. <br/> If 'StartTLS' is selected, the connection is secured by using StartTLS extended operation.", "propertyOrder" : 1000, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-time-limit" : { "title" : "Search Timeout", "description" : "In seconds.", "propertyOrder" : 1600, "required" : false, "type" : "integer", "exampleValue" : "" }, "openam-idrepo-ldapv3-keepalive-searchfilter" : { "title" : "LDAP Connection Heartbeat Search Filter", "description" : "Defines the search filter to the KeepAlive and Availability Search request.<br><br>This setting controls the search filter to the KeepAlive and Availability search request. The default value for search filter is \"(objectClass=*)\". The Absolute True and False filter \"(&)\" can also be used. The LDAP server connection pool will be marked as unavailable if the search fails with an error, returns no entries, or if more than one entry is returned.", "propertyOrder" : 1302, "required" : false, "type" : "string", "exampleValue" : "" }, "openam-idrepo-ldapv3-behera-support-enabled" : { "title" : "Behera Support Enabled", "description" : "When enabled, Behera draft control will be used in the outgoing requests for operations that may modify password value. This will allow OpenAM to display password policy related error messages when password policies are not met.", "propertyOrder" : 6100, "required" : false, "type" : "boolean", "exampleValue" : "" }, "openam-idrepo-ldapv3-keepalive-searchbase" : { "title" : "LDAP Connection Heartbeat Search Base", "description" : "Defines the search base to the KeepAlive and Availability Search request.<br><br>This setting controls the search base to the KeepAlive and Availability search request. The default value for search base DN is \"\". The LDAP server connection pool will be marked as unavailable if the search fails with an error, returns no entries, or if more than one entry is returned.", "propertyOrder" : 1301, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-authpw" : { "title" : "LDAP Bind Password", "description" : "", "propertyOrder" : 800, "required" : false, "type" : "string", "format" : "password", "exampleValue" : "" } } }, "roleconfig" : { "type" : "object", "title" : "Role Configuration", "propertyOrder" : 6, "properties" : { "sun-idrepo-ldapv3-config-nsrolefilter" : { "title" : "Attribute Name of Filtered Role Filter", "description" : "", "propertyOrder" : 4900, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-nsroledn" : { "title" : "Attribute Name of Role Membership.", "description" : "", "propertyOrder" : 4800, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-filterroles-search-attribute" : { "title" : "LDAP Filter Roles Search Attribute", "description" : "", "propertyOrder" : 4300, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-nsrole" : { "title" : "Attribute Name for Filtered Role Membership", "description" : "", "propertyOrder" : 4700, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-filterrole-objectclass" : { "title" : "LDAP Filter Roles Object Class", "description" : "", "propertyOrder" : 4500, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-filterrole-attributes" : { "title" : "LDAP Filter Roles Attributes", "description" : "", "propertyOrder" : 4600, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-roles-search-attribute" : { "title" : "LDAP Roles Search Attribute", "description" : "", "propertyOrder" : 3900, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-role-objectclass" : { "title" : "LDAP Roles Object Class", "description" : "", "propertyOrder" : 4100, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-roles-search-filter" : { "title" : "LDAP Roles Search Filter", "description" : "", "propertyOrder" : 4000, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-role-attributes" : { "title" : "LDAP Roles Attributes", "description" : "", "propertyOrder" : 4200, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-filterroles-search-filter" : { "title" : "LDAP Filter Roles Search Filter", "description" : "", "propertyOrder" : 4400, "required" : false, "type" : "string", "exampleValue" : "" } } }, "pluginconfig" : { "type" : "object", "title" : "Plug-in Configuration", "propertyOrder" : 2, "properties" : { "sunIdRepoSupportedOperations" : { "title" : "LDAPv3 Plug-in Supported Types and Operations", "description" : "", "propertyOrder" : 1900, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" }, "sunIdRepoClass" : { "title" : "LDAPv3 Repository Plug-in Class Name", "description" : "", "propertyOrder" : 1700, "required" : true, "type" : "string", "exampleValue" : "" }, "sunIdRepoAttributeMapping" : { "title" : "Attribute Name Mapping", "description" : "", "propertyOrder" : 1800, "required" : false, "items" : { "type" : "string" }, "type" : "array", "exampleValue" : "" } } }, "persistentsearch" : { "type" : "object", "title" : "Persistent Search Controls", "propertyOrder" : 7, "properties" : { "sun-idrepo-ldapv3-config-psearch-scope" : { "title" : "Persistent Search Scope", "description" : "", "propertyOrder" : 5700, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-psearchbase" : { "title" : "Persistent Search Base DN", "description" : "", "propertyOrder" : 5500, "required" : false, "type" : "string", "exampleValue" : "" }, "sun-idrepo-ldapv3-config-psearch-filter" : { "title" : "Persistent Search Filter", "description" : "", "propertyOrder" : 5600, "required" : false, "type" : "string", "exampleValue" : "" } } }, "errorhandling" : { "type" : "object", "title" : "Error Handling Configuration", "propertyOrder" : 8, "properties" : { "com.iplanet.am.ldap.connection.delay.between.retries" : { "title" : "The Delay Time Between Retries", "description" : "In milliseconds.", "propertyOrder" : 5800, "required" : false, "type" : "integer", "exampleValue" : "" } } }, "cachecontrol" : { "type" : "object", "title" : "Cache Control", "propertyOrder" : 9, "properties" : { "sun-idrepo-ldapv3-dncache-size" : { "title" : "DN Cache Size", "description" : "In DN items, only used when DN Cache is enabled.", "propertyOrder" : 6000, "required" : false, "type" : "integer", "exampleValue" : "" }, "sun-idrepo-ldapv3-dncache-enabled" : { "title" : "DN Cache", "description" : "Used to enable/disable the DN Cache within the OpenAM repository implementation.<br><br>The DN Cache is used to cache DN lookups which tend to happen in bursts during authentication. The DN Cache can become out of date when a user is moved or renamed in the underlying LDAP store and this is not reflected in a persistent search result. Enable when the underlying LDAP store supports persistent search and move/rename (mod_dn) results are available.", "propertyOrder" : 5900, "required" : false, "type" : "boolean", "exampleValue" : "" } } }, "authentication" : { "type" : "object", "title" : "Authentication Configuration", "propertyOrder" : 4, "properties" : { "sun-idrepo-ldapv3-config-auth-naming-attr" : { "title" : "Authentication Naming Attribute", "description" : "", "propertyOrder" : 5200, "required" : false, "type" : "string", "exampleValue" : "" } } } } }