Edit directory mapping

This method edits an existing directory mapping.

To run this web service, the user must be a member of the Vault Admins group and have the following permissions:

  • Audit users

  • Add/Update users

  • Manage Directory Mapping

URL

  • Make sure there are no spaces in the URL.

  • The following characters are not supported in URL values: + & %

  • If the URL includes a dot (.), add a forward slash (/) at the end of the URL. For example: api/Safes/MySafe/Members/user@cyber.com/

 

https://<IIS_Server_Ip>/PasswordVault/API/Configuration/LDAP/Directories/{DomainName}/Mappings/{id}/

The following mandatory values are required in the URL:

Parameter: DomainName
Type: String
Description: The URL of the domain.

Parameter: id
Type: Integer
Description: Unique ID of the directory mapping.

Resource Information

HTTP method

PUT

Content type

application/json

Header parameter

Parameter: Authorization
Type: String
Description: The token that identifies the session.
Valid values: A session token that was returned from the “Logon” method, encoded in Base64.

Body parameters

 
{
  "LDAPBranch": "string",
  "MappingAuthorizations": [
  ],
  "MappingName": "string",
  "LDAPQuery": "string",
  "DomainGroups": [
    "string"
  ],
  "UserActivityLogPeriod": <1-3650>
}

 

Parameter: mappingName (mandatory)
Type: String
Description: The name of the PAM - Self-Hosted role. For example: Vault Admins, Safe Managers.
Valid values: Body

Parameter: ldapBranch (mandatory)
Type: String
Description: The LDAP branch that is used for external directory queries.
Valid values: Body

Parameter: ldapQuery
Type: String
Description: The filter that will be applied to the users in the specified branch to ensure that only certain users will have access to the Vault.
Valid values: Body

Parameter: domainGroups
Type: List of Strings
Description: Users who belong to these LDAP groups will be automatically assigned to the relevant roles in the PAM - Self-Hosted system.
Valid values: Body

Parameter: mappingAuthorization
Type: List of Strings
Description: The security attributes and permissions that are applied when an LDAP user account is created in the Vault.

Possible permissions:

  • AddSafes

  • AuditUsers

  • AddUpdateUsers

  • ResetUsersPasswords

  • ActivateUsers

  • AddNetworkAreas

  • ManageServerFileCategories

  • BackupAllSafes

  • RestoreAllSafes

To apply specific permissions to a mapping, the user must have the same permissions.

Valid values: Body

Parameter: UserActivityLogPeriod
Type: Number
Description: The number of days that activity records are stored for users in the current mapping before they can be deleted.
Valid values: 1-3650
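
A pre-flight check for this request, as an added example that is not part of the product documentation: it applies the URL rules, the mandatory body parameters, the 1-3650 range and the rule that a mapping may only carry permissions the calling user already holds, then returns the PUT request without sending it. The function names, the `caller_permissions` set (supplied by the operator) and the `token` argument are assumptions; body key names follow the body sample above.

```python
import json

# Permission names this page lists for MappingAuthorizations.
ALLOWED_AUTHORIZATIONS = {
    "AddSafes", "AuditUsers", "AddUpdateUsers", "ResetUsersPasswords",
    "ActivateUsers", "AddNetworkAreas", "ManageServerFileCategories",
    "BackupAllSafes", "RestoreAllSafes",
}
UNSUPPORTED_URL_CHARS = set(" +&%")  # spaces and + & % are not supported


def mapping_url(server, domain_name, mapping_id):
    """Build the Edit directory mapping URL, enforcing the page's URL rules."""
    bad = sorted(UNSUPPORTED_URL_CHARS & set(domain_name))
    if bad:
        raise ValueError(f"unsupported characters in DomainName: {bad}")
    if isinstance(mapping_id, bool) or not isinstance(mapping_id, int):
        raise ValueError("id must be an integer")
    # The trailing slash is required when the URL contains a dot (for example
    # a DNS-style DomainName); the page's URL template always ends with one.
    return (f"https://{server}/PasswordVault/API/Configuration/LDAP/"
            f"Directories/{domain_name}/Mappings/{mapping_id}/")


def build_edit_request(server, domain_name, mapping_id, body, caller_permissions, token):
    """Validate the body and return the PUT request as a dict; nothing is sent."""
    errors = []
    for key in ("MappingName", "LDAPBranch"):  # mandatory body parameters
        if not body.get(key):
            errors.append(f"{key} is mandatory")
    requested = set(body.get("MappingAuthorizations", []))
    unknown = requested - ALLOWED_AUTHORIZATIONS
    if unknown:
        errors.append(f"unknown permissions: {sorted(unknown)}")
    # A mapping may only grant permissions the calling user already holds.
    not_held = (requested & ALLOWED_AUTHORIZATIONS) - set(caller_permissions)
    if not_held:
        errors.append(f"caller lacks permissions: {sorted(not_held)}")
    period = body.get("UserActivityLogPeriod")
    if period is not None and not (isinstance(period, int) and 1 <= period <= 3650):
        errors.append("UserActivityLogPeriod must be 1-3650")
    if errors:
        raise ValueError("; ".join(errors))
    return {
        "method": "PUT",
        "url": mapping_url(server, domain_name, mapping_id),
        "headers": {"Content-Type": "application/json", "Authorization": token},
        "data": json.dumps(body),
    }
```

Running the same check in change review, before the request reaches the Vault, shows when an edit would widen the permissions that a mapping grants to newly created LDAP users.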

Result

 
{
  "LDAPBranch": "string",
  "VaultGroups": [
    "string"
  ],
  "MappingAuthorizations": [
    "AddUpdateUsers"
  ],
  "Location": "string",
  "AuthenticationMethod": [
    "AuthTypePass"
  ],
  "UserType": "string",
  "DisableUser": true,
  "UserActivityLogPeriod": 0,
  "UserExpiration": 0,
  "LogonFromHour": 0,
  "LogonToHour": 0,
  "MappingID": 0,
  "DirectoryMappingOrder": 0,
  "MappingName": "string",
  "LDAPQuery": "string",
  "DomainGroups": [
    "string"
  ]
}

 

Parameter: authenticationMethod
Type: String
Description: The authentication method used by users created by this map to log onto the Vault.

Parameter: userExpiration
Type: Integer
Description: The date in Unix time after which user accounts in the current mapping are no longer accessible. '0' (zero) indicates never.

Parameter: userType
Type: String
Description: The interfaces that users in the current mapping can use to access the Vault. This is only available to users with "Add/Update users" permissions.

Parameter: ldapBranch
Type: String
Description: The LDAP branch that is used for external directory queries.

Parameter: userActivityLogPeriod
Type: Integer
Description: The number of days that activity records for users in the current mapping are stored before they can be deleted.

Parameter: directoryMappingOrder
Type: Integer
Description: The order of the Maps in the Directory Mapping window is the order in which the Maps are matched with users and groups from the External Directory to determine if they can be created in the Vault.

Parameter: mappingAuthorization
Type: String
Description: Security attributes and permissions that are applied when LDAP user accounts in the current mapping are created in the Vault. For example: mappingAuthorization: AddSafes, AddUpdateUsers, ActivateUsers

Parameter: location
Type: String
Description: The Vault location where users in the current mapping are added.

Parameter: mappingID
Type: Integer
Description: The UID of the specific mapping being updated.

Parameter: mappingName
Type: String
Description: The unique name of the PAM - Self-Hosted role being updated.

Parameter: ldapQuery
Type: String
Description: Filter applied to users in the specified branch to ensure that only certain users will have access to the Vault.

Parameter: domainGroups
Type: String
Description: Users who belong to these LDAP groups will be automatically assigned to the relevant roles in the PAM - Self-Hosted system.

Parameter: disableUser
Type: Boolean
Description: Whether or not users in the current mapping are temporarily inaccessible.

Parameter: logonFromHour
Type: Integer
Description: The time from when users in the current mapping can log onto the Vault. If this parameter is not returned, users can log onto the Vault at any time.

Parameter: logonToHour
Type: Integer
Description: The time until when users in the current mapping can log onto the Vault. If this parameter is not returned, users can log onto the Vault at any time.

Return Codes

For a complete list of return codes, see Return Codes.