Directory Service

Resources related to directory service.

ActiveDirectory

The ActiveDirectory resource represents the configuration settings for the Active Directory service integration.

List resource

GET /api/v1.0/directoryservice/activedirectory/

Returns the active directory settings dictionary.

Example request:

GET /api/v1.0/directoryservice/activedirectory/ HTTP/1.1
Content-Type: application/json

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json

  {
          "ad_enable": false,
          "ad_certificate": null,
          "ad_allow_dns_updates": true,
          "ad_allow_trusted_doms": false,
          "ad_bindname": "",
          "ad_bindpw": "",
          "ad_dcname": null,
          "ad_disable_freenas_cache": false,
          "ad_dns_timeout": 60,
          "ad_domainname": "vovomain",
          "ad_enable_monitor": false,
          "ad_gcname": null,
          "ad_groupdn": "",
          "ad_idmap_backend": "rid",
          "ad_kerberos_principal": null,
          "ad_kerberos_realm": null,
          "ad_ldap_sasl_wrapping": "plain",
          "ad_monitor_frequency": 60,
          "ad_nss_info": null,
          "ad_netbiosalias": "",
          "ad_netbiosname_a": "NAS",
          "ad_recover_retry": 10,
          "ad_site": "",
          "ad_ssl": "off",
          "ad_timeout": 60,
          "ad_unix_extensions": false,
          "ad_use_default_domain": false,
          "ad_userdn": "",
          "ad_verbose_logging": false,
          "id": 1
  }
Response Headers:
 
  • Content-Type – content type of the response
Status Codes:
  • 200 – no error

Update resource

PUT /api/v1.0/directoryservice/activedirectory/

Update active directory.

Example request:

PUT /api/v1.0/directoryservice/activedirectory/ HTTP/1.1
Content-Type: application/json

  {
          "ad_netbiosname_a": "mynas",
          "ad_domainname": "mydomain",
          "ad_bindname": "admin",
          "ad_bindpw": "mypw"
  }

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json

  {
          "ad_enable": false,
          "ad_certficate": "",
          "ad_ssl": "off",
          "ad_gcname": "",
          "ad_use_default_domain": true,
          "ad_dcname": "",
          "ad_bindname": "admin",
          "ad_bindpw": "mypw",
          "ad_unix_extensions": false,
          "ad_timeout": 10,
          "ad_kerberos_principal": "",
          "ad_kerberos_realm": "",
          "ad_domainname": "mydomain",
          "ad_dns_timeout": 10,
          "ad_verbose_logging": false,
          "ad_allow_trusted_doms": false,
          "ad_netbiosname_a": "mynas",
          "id": 1
  }
JSON Parameters:
 
  • ad_allow_dns_updates (boolean) – allow DNS updates
  • ad_allow_trusted_doms (boolean) – allow Trusted Domains
  • ad_bindname (string) – domain account name
  • ad_bindpw (string) – domain account password
  • ad_certificate (string) – SSL certificate
  • ad_dcname (string) – hostname of the domain controller to use
  • ad_disable_freenas_cache (boolean) – disable AD user/group cache
  • ad_dns_timeout (integer) – timeout for AD DNS queries
  • ad_domainname (string) – AD domain name
  • ad_enable_monitor (boolean) – enable monitoring
  • ad_enable (string) – enable active directory
  • ad_gcname (string) – hostname of the global catalog server to use
  • ad_groupdn (string) – DN of the group container in AD
  • ad_idmap_backend (string) – IDmap backend
  • ad_kerberos_principal (string) – Kerberos principal
  • ad_kerberos_realm (string) – Kerberos realm
  • ad_ldap_sasl_wrapping (string) – LDAP SASL wrapping mode (plain/signed/sealed)
  • ad_monitor_frequency (integer) – AD check connectivity frequency in seconds
  • ad_netbiosalias (string) – NetBIOS alias
  • ad_netbiosname_a (string) – NetBIOS system hostname
  • ad_nss_info (string) – winbind NSS info
  • ad_recover_retry (integer) – how many recovery attempts
  • ad_site (string) – site name
  • ad_ssl (string) – encryption mode (on/off/start_tls)
  • ad_timeout (integer) – timeout for AD operations
  • ad_unix_extensions (boolean) – unix extensions
  • ad_use_default_domain (boolean) – use default domain for users and groups
  • ad_userdn (string) – DN of the user container in AD
  • ad_verbose_logging (boolean) – verbose logging
Request Headers:
 
  • Content-Type – the request content type
Response Headers:
 
  • Content-Type – the response content type
Status Codes:
  • 200 – no error

LDAP

The LDAP resource represents the configuration settings for LDAP service.

List resource

GET /api/v1.0/directoryservice/ldap/

Returns the LDAP settings dictionary.

Example request:

GET /api/v1.0/directoryservice/ldap/ HTTP/1.1
Content-Type: application/json

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json

  {
      "id": 1,
      "ldap_anonbind": false,
      "ldap_auxiliary_parameters": "",
      "ldap_basedn": "",
      "ldap_binddn": "",
      "ldap_bindpw": "",
      "ldap_certificate": null,
      "ldap_dns_timeout": 10,
      "ldap_enable": false,
      "ldap_groupsuffix": "",
      "ldap_has_samba_schema": false,
      "ldap_hostname": "",
      "ldap_idmap_backend": "ldap",
      "ldap_kerberos_principal": null,
      "ldap_kerberos_realm": null,
      "ldap_machinesuffix": "",
      "ldap_netbiosalias": "",
      "ldap_netbiosname_a": "NAS",
      "ldap_passwordsuffix": "",
      "ldap_schema": "rfc2307",
      "ldap_ssl": "off",
      "ldap_sudosuffix": "",
      "ldap_timeout": 10,
      "ldap_usersuffix": ""
  }
Response Headers:
 
  • Content-Type – content type of the response
Status Codes:
  • 200 – no error

Update resource

PUT /api/v1.0/directoryservice/ldap/

Update LDAP.

Example request:

PUT /api/v1.0/directoryservice/ldap/ HTTP/1.1
Content-Type: application/json

  {
          "ldap_hostname": "ldaphostname",
          "ldap_basedn": "dc=test,dc=org"
  }

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json

  {
          "ldap_hostname": "ldaphostname",
          "ldap_groupsuffix": "",
          "ldap_passwordsuffix": "",
          "ldap_anonbind": false,
          "ldap_ssl": "off",
          "ldap_machinesuffix": "",
          "ldap_basedn": "dc=test,dc=org",
          "ldap_usersuffix": "",
          "ldap_bindpw": "",
          "ldap_binddn": "",
          "ldap_enable": false,
          "ldap_certificate": "",
          "id": 1
  }
JSON Parameters:
 
  • ldap_anonbind (boolean) – allow anonymous binding
  • ldap_auxiliary_parameters (string) – parameters to add to sssd.conf
  • ldap_basedn (string) – default base Distinguished Name (DN) to use for searches
  • ldap_binddn (string) – Distinguished Name with which to bind to the directory server
  • ldap_bindpw (string) – credentials with which to bind
  • ldap_certificate (string) – id of your certificate
  • ldap_dns_timeout (integer) – timeout for LDAP DNS queries
  • ldap_enable (boolean) – enable LDAP directory service
  • ldap_groupsuffix (string) – suffix that is used for groups
  • ldap_has_samba_schema (boolean) – does LDAP have Samba schema
  • ldap_hostname (string) – name or IP address of the LDAP server
  • ldap_idmap_backend (string) – IDmap backend
  • ldap_kerberos_principal (string) – Kerberos principal
  • ldap_kerberos_realm (string) – Kerberos realm
  • ldap_machinesuffix (string) – suffix that is used for machines
  • ldap_netbiosalias (string) – NetBIOS alias
  • ldap_netbiosname_a (string) – NetBIOS hostname
  • ldap_passwordsuffix (string) – suffix that is used for passwords
  • ldap_schema (string) – LDAP schema type
  • ldap_ssl (string) – encryption mode (off/on/start_tls)
  • ldap_sudosuffix (string) – suffix that is used for SUDO users
  • ldap_timeout (integer) – timeout for LDAP commands
  • ldap_usersuffix (string) – suffix that is used for users
Request Headers:
 
  • Content-Type – the request content type
Response Headers:
 
  • Content-Type – the response content type
Status Codes:
  • 200 – no error

NIS

The NIS resource represents the configuration settings for NIS service.

List resource

GET /api/v1.0/directoryservice/nis/

Returns the NIS settings dictionary.

Example request:

GET /api/v1.0/directoryservice/nis/ HTTP/1.1
Content-Type: application/json

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json

  {
          "nis_servers": "",
          "nis_secure_mode": false,
          "nis_manycast": false,
          "id": 1,
          "nis_enable": false,
          "nis_domain": ""
  }
Response Headers:
 
  • Content-Type – content type of the response
Status Codes:
  • 200 – no error

Update resource

PUT /api/v1.0/directoryservice/nis/

Update NIS.

Example request:

PUT /api/v1.0/directoryservice/nis/ HTTP/1.1
Content-Type: application/json

  {
          "nis_domain": "nisdomain"
  }

Example response:

HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json

  {
          "nis_servers": "",
          "nis_secure_mode": false,
          "nis_manycast": false,
          "id": 1,
          "nis_enable": false,
          "nis_domain": "nisdomain"
  }
JSON Parameters:
 
  • nis_domain (string) – nis domain name
  • nis_servers (string) – comma delimited list of NIS servers
  • nis_secure_mode (boolean) – cause ypbind to run in secure mode
  • nis_manycast (boolean) – cause ypbind to use “many-cast” instead of broadcast
  • nis_enable (boolean) – enable nis
Request Headers:
 
  • Content-Type – the request content type
Response Headers:
 
  • Content-Type – the response content type
Status Codes:
  • 200 – no error