admin.federationproviders
Collection Note
This module is part of the nokia.eda_core_v1 collection. To install the collection, use:
Added in version 1.0.0.
Synopsis
- Description will be added soon.
Parameters
| Parameter | Defaults / Choices | Comments |
|---|---|---|
| auth dict | | Description will be added soon. |
| authToken str required | | HTTP authentication (Bearer authentication) string in the format of "Bearer TOKEN". Required unless state is cronly. |
| baseUrl str required | | EDA API URL including the schema and port (if non standard for the provided schema). Example - https://try.eda.demo:9443. Required unless state is cronly. |
| caPath str required | | A path to the PEM-encoded CA certificate to use for TLS verification. Required unless state is cronly. |
| enabled bool | | If true, checking/syncing this LDAP provider is enabled. |
| groupSupport dict | | Description will be added soon. |
| idAttribute str required | | Name of the LDAP attribute, which is used as a unique object identifier (UUID) for objects in LDAP. |
| import bool | | If true, the LDAP information will be imported into the EDA (Keycloak) database. |
| name str required | | Name of the federationproviders. Required when state is query or absent. |
| pagination bool | | Set to true if the LDAP server supports pagination. |
| periodicSync bool | | If true, periodic synchronization of changed or newly created LDAP users to Keycloak will occur. |
| periodicSyncSecs int | | If periodic sync is enabled, this is the period in seconds that synchronization will occur. |
| rdnLDAPAttribute str required | | Name of the LDAP attribute, which is used as RDN (top attribute) of typical user DN. Usually it's the same as the Username LDAP attribute, however it is not required. |
| readOnly bool required | | If false, changes made to LDAP-mapped attribute via EDA will be synced back to the LDAP server. Otherwise, changes are not made in LDAP. |
| scope str | | Must be One Level or Subtree. If One Level, the search applies only for users in the DNs specified by User DNs. If Subtree, the search applies to the whole subtree. |
| state str required | Choices: absent, query, present | State of the requested resource object. |
| timeout int | | LDAP connection timeout in milliseconds. |
| tls bool | | If true, encrypts the connection to LDAP using STARTTLS. |
| tlsSkipVerify bool required | | A flag to control the TLS verification of the session. Required unless state is cronly. |
| type str required | | The type of provider. Currently only ldap is supported. |
| url str required | | Connection URL to your LDAP server. |
| userDN str required | | Full DN of LDAP tree where your users are. This DN is the parent of LDAP users. |
| userObjectClasses str required | | All values of LDAP objectClass attribute for users in LDAP, divided by commas. (e.g. inetOrgPerson, organizationalPerson). |
| userSearchFilter str | | Additional LDAP filter for filtering searched users. Leave this empty if you don't need an additional filter. Make sure that it starts with '(' and ends with ')'. |
| usernameAttribute str required | | Name of the LDAP attribute, which is mapped as EDA username. For many LDAP server vendors it can be 'uid'. |
| uuid str | | The unique identifier given to the entry when it is created. |
| vendor str required | | LDAP vendor (provider). |
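The constraints stated in the table (type, scope, the userSearchFilter parentheses) and the transport-related flags (url, tls, tlsSkipVerify, readOnly) can be checked before a task is run. The following is an added example, not code from the collection; it assumes the parameters are available as one flat Python dict keyed by the names above, that tlsSkipVerify set to true means verification is skipped, and the hostnames and filter values are constructed samples. The balanced-parentheses check goes slightly beyond what the table requires.

```python
from urllib.parse import urlparse

def _balanced(flt):
    """True if every '(' in the LDAP filter has a matching ')'."""
    depth = 0
    for ch in flt:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0

def lint_provider(p):
    """Return (level, parameter, message) findings for one provider dict."""
    out = []
    if p.get("type") != "ldap":
        out.append(("error", "type", "only 'ldap' is supported"))
    if p.get("scope") not in (None, "One Level", "Subtree"):
        out.append(("error", "scope", "must be 'One Level' or 'Subtree'"))
    flt = p.get("userSearchFilter") or ""
    if flt and not (flt.startswith("(") and flt.endswith(")")):
        out.append(("error", "userSearchFilter", "must start with '(' and end with ')'"))
    elif flt and not _balanced(flt):
        out.append(("error", "userSearchFilter", "unbalanced parentheses"))
    scheme = urlparse(p.get("url") or "").scheme.lower()
    if scheme not in ("ldap", "ldaps"):
        out.append(("error", "url", "expected an ldap:// or ldaps:// URL"))
    elif scheme == "ldap" and not p.get("tls"):
        out.append(("warn", "tls", "ldap:// without STARTTLS: connection to LDAP is not encrypted"))
    if p.get("tlsSkipVerify"):  # assumption: true means verification is skipped
        out.append(("warn", "tlsSkipVerify", "TLS verification of the session is skipped"))
    if p.get("readOnly") is False:
        out.append(("info", "readOnly", "changes made via EDA are synced back to LDAP"))
    return out

# Constructed sample inputs (not from the collection's documentation).
WEAK = {"type": "ldap", "url": "ldap://ldap.example.test:389", "tls": False,
        "tlsSkipVerify": True, "readOnly": False, "scope": "subtree",
        "userSearchFilter": "objectClass=inetOrgPerson"}
HARDENED = {"type": "ldap", "url": "ldap://ldap.example.test:389", "tls": True,
            "tlsSkipVerify": False, "readOnly": True, "scope": "Subtree",
            "userSearchFilter": "(&(objectClass=inetOrgPerson)(!(uid=svc-*)))"}

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED)):
        for level, param, msg in lint_provider(cfg):
            print(f"{label}: [{level}] {param}: {msg}")
```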
Authors
- Roman Dodin (@hellt)