Add Global Catalog connectivity details

This method adds Global Catalog connectivity details to the PTA Administration to broaden and increase the accuracy of Security Events detections.

To run this method, you must be a member of the Vault Admins or Security Admins group.

URL

  • Make sure there are no spaces in the URL.

  • The following characters are not supported in URL values: + & %

  • If the URL includes a dot (.), add a forward slash (/) at the end of the URL. For example: api/Safes/MySafe/Members/user@cyber.com/

 

  
https://<PVWA_SERVER>/PasswordVault/API/pta/API/Administration/GCConnectivity

Resource information

HTTP method

POST

Content type

application/json

Header parameter

Parameter

Description

Authorization

(mandatory)

The token that identifies the session, encoded in BASE 64.

Type: string

Body parameters

 

  
{
"ldap_certificate": String,
"properties":{
"ldap_server": String,
"ssl": Bool,
"ldap_port": Number,
"upn": String,
"ldapPassword": String,
"accountID": String
}

 

Parameter

Description

ldap_certificate

(mandatory if ssl = true)

Base-64 encoded X.509 SSL certificate of the Global Catalog server.

Type: string
properties

ldap_server

(mandatory)

The Global Catalog server address in FQDN format.

Type: string

ssl

Whether to use a secure connection when connecting to Global Catalog.

Type: boolean

Default: true

ldap_port

(mandatory)

The server port number of the Global Catalog. The default Global Catalog ports are 3268 (LDAP) and 3269 (LDAPS).

Type: number

Default: 3269

upn

The User Principle Name of the Active Directory bind user that will be used to connect and query the Global Catalog.

If this parameter is valued, ldapPassword must also be valued and accountID must be blank.

Type: string

ldapPassword

The credentials of the Active Directory bind user that will be used to connect and query the Global Catalog.

If this parameter is valued, upn must also be valued and accountID must be blank.

Type: string

accountID

The ID of the vaulted Domain Account bind user that will be used to connect and query the Global Catalog.

If this parameter is valued, upn and ldapPassword must be blank.

Type: string

Result

  
{ 
"ldap_server": String,
"ldap_port": Number,
"upn": String,
"ldapPassword": null,
"account_id": String,
"ssl": Bool
}

 

Parameter

Description

ldap_server

The Global Catalog server address in FQDN format.

Type: string

ldap_port

The server port number of the Global Catalog. The default Global Catalog ports are 3268 (LDAP) and 3269 (LDAPS).

Type: number

upn

The User Principle Name of the Active Directory bind user that will be used to connect and query the Global Catalog.

Type: string

ldap_password

The credentials of the Active Directory bind user that will be used to connect and query the Global Catalog.

Always returned as null.

Type: string

account_id

The ID of the vaulted Domain Account bind user that will be used to connect and query the Global Catalog.

Returned as null when upn is configured.

Type: string

ssl

Whether a secure connection is used when connecting to Global Catalog.

Type: boolean

Return codes

For a complete list of return codes, see Return Codes.