domains_ldapssettings
Creates, updates, deletes, gets or lists a domains_ldapssettings resource.
Overview
| Name | domains_ldapssettings |
| Type | Resource |
| Id | google.managedidentities.domains_ldapssettings |
Fields
The following fields are returned by SELECT queries:
- get_ldapssettings
Successful response
| Name | Datatype | Description |
|---|---|---|
name | string | The resource name of the LDAPS settings. Uses the form: projects/{project}/locations/{location}/domains/{domain}. |
certificate | object | Output only. The certificate used to configure LDAPS. Certificates can be chained with a maximum length of 15. (id: Certificate) |
certificatePassword | string | Input only. The password used to encrypt the uploaded PFX certificate. |
certificatePfx | string (byte) | Input only. The uploaded PKCS12-formatted certificate to configure LDAPS with. It will enable the domain controllers in this domain to accept LDAPS connections (either LDAP over SSL/TLS or the StartTLS operation). A valid certificate chain must form a valid x.509 certificate chain (or be comprised of a single self-signed certificate. It must be encrypted with either: 1) PBES2 + PBKDF2 + AES256 encryption and SHA256 PRF; or 2) pbeWithSHA1And3-KeyTripleDES-CBC Private key must be included for the leaf / single self-signed certificate. Note: For a fqdn your-example-domain.com, the wildcard fqdn is *.your-example-domain.com. Specifically the leaf certificate must have: - Either a blank subject or a subject with CN matching the wildcard fqdn. - Exactly two SANs - the fqdn and wildcard fqdn. - Encipherment and digital key signature key usages. - Server authentication extended key usage (OID=1.3.6.1.5.5.7.3.1) - Private key must be in one of the following formats: RSA, ECDSA, ED25519. - Private key must have appropriate key length: 2048 for RSA, 256 for ECDSA - Signature algorithm of the leaf certificate cannot be MD2, MD5 or SHA1. |
state | string | Output only. The current state of this LDAPS settings. |
updateTime | string (google-datetime) | Output only. Last update time. |
Methods
The following methods are available for this resource:
| Name | Accessible by | Required Params | Optional Params | Description |
|---|---|---|---|---|
get_ldapssettings | select | projectsId, domainsId | Gets the domain ldaps settings. | |
update_ldapssettings | update | projectsId, domainsId | updateMask | Patches a single ldaps settings. |
Parameters
Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.
| Name | Datatype | Description |
|---|---|---|
domainsId | string | |
projectsId | string | |
updateMask | string (google-fieldmask) |
SELECT examples
- get_ldapssettings
Gets the domain ldaps settings.
SELECT
name,
certificate,
certificatePassword,
certificatePfx,
state,
updateTime
FROM google.managedidentities.domains_ldapssettings
WHERE projectsId = '{{ projectsId }}' -- required
AND domainsId = '{{ domainsId }}' -- required;
UPDATE examples
- update_ldapssettings
Patches a single ldaps settings.
UPDATE google.managedidentities.domains_ldapssettings
SET
data__name = '{{ name }}',
data__certificatePfx = '{{ certificatePfx }}',
data__certificatePassword = '{{ certificatePassword }}'
WHERE
projectsId = '{{ projectsId }}' --required
AND domainsId = '{{ domainsId }}' --required
AND updateMask = '{{ updateMask}}'
RETURNING
name,
done,
error,
metadata,
response;