Get directory details
This method returns all the details of a specific directory in the Vault. Each directory will be returned with its own data.
To run this web service, the user must be a member of the Vault Admins group and have the following permission:
- Audit Users
URL
- Make sure there are no spaces in the URL.
- The following characters are not supported in URL values: + & %
- If the URL includes a dot (.), add a forward slash (/) at the end of the URL. For example: api/Safes/MySafe/Members/user@cyber.com/
Resource information
HTTP method | Content type |
---|---|
GET | application/json |
Header parameter
Parameter | Description |
---|---|
Authorization | The token that identifies the session, encoded in Base64. Type: String. Mandatory: Yes. Default value: None. |
URL parameter
Parameter | Description |
---|---|
id | The unique ID of the directory. Type: String. Mandatory: Yes. Default value: None. |

Make sure you add '/' at the end of the URL of this web service.
Body parameters
None.
Result
Parameter | Description |
---|---|
directoryType | The name of the directory profile file that represents the profile the Vault should use when working with the specified LDAP directory. Taken from a list of predefined directory profiles. Specify an .INI file, including the extension. For example, MicrosoftADProfile.ini. Mandatory: Yes. Type: String. |
domainName | The address of the domain. Mandatory: Yes. Type: String. |
bindUsername | The full Distinguished Name of the Bind user. For Microsoft Active Directory, you can specify the Windows user name instead of the full Distinguished Name. This user must be a member of the same AD Domain group(s) as the external users and groups that will be defined in the Vault. Mandatory: Yes. Type: String. |
bindPassword | The password for the user specified in the Bind User field. Mandatory: Yes. Type: String. |
hostAddresses | The list of IP addresses of the host server(s) where the external directories exist. If the Vault uses an SSL connection to connect to the external directory, this name must match the subject that appears in the directory certificate. Mandatory: Yes. Type: String. |
domainBaseContext | The base context of the external directory. Mandatory: Yes. Type: String. |
Port | The port used to access the specified server. Standard ports: Mandatory: Yes. Type: Integer. |
sslConnect | Whether or not to connect to the external directory with SSL. Mandatory: Yes. Type: Boolean. |
ldapDirectoryName | The name of the LDAP directory where users and groups are listed. Mandatory: Yes. Type: String. |
ldapDirectoryQueryOrder | The order in which the Vault searches directories for users before creating a corresponding user account or group in the Vault. Mandatory: Yes. Type: Integer. |
ldapDirectoryDescription | A short description of the LDAP directory. Mandatory: Yes. Type: String. |
vaultObjectNamesPrefix | The text that is used as a prefix for external users and groups in the Vault created from the specified directory. This parameter is ignored if the AddDomainToUserName parameter is set to True. Mandatory: No. Type: String. |
passwordObjectPath | The location of the bind password in the Vault Internal Safe. Mandatory: Yes. Type: String. |
ldapDirectoryGroupsBaseContext | The base context that is used for external directory queries for groups only. Mandatory: No. Type: String. |
ldapDirectoryUsage | Whether you can create external objects from this external directory, browse it, authenticate users, or do all three. Possible values: ClientBrowsing, ExternalObjectsCreation, Authentication. The user can set one value, or multiple values separated by commas. Mandatory: Yes. Type: String. |
referralsChasingHopLimit | The number of recursive LDAP referrals that are chased. Mandatory: Yes. Default value: -1. Type: Integer. |
requireReferredDirectoryDefinition | Whether or not LDAP referrals are supported when an external directory parameter has been defined in the Vault for the referred directory. Mandatory: Yes. Default value: No. Type: Boolean. |
appendFriendlyDomainNameToGroup | Whether or not to add Active Directory domain names to the group names provisioned by the Vault. Mandatory: Yes. Type: Boolean. |
referralsDNSLookup | Enables referrals to be specified as domain names. Mandatory: Yes. Default value: False. Type: Boolean. |
disableUserEnumeration | If set to True, prevents enumerating users from the directory for Safe ownership lookups. Mandatory: Yes. Type: Boolean. |
additionalQueryFilterOptimize | Run an additional query filter for a specific user. Mandatory: Yes. Type: Boolean. |
clientBrowsing | Whether or not to use this directory for PKI certificate browsing. Mandatory: Yes. Type: Boolean. |
externalObjectsCreation | Whether or not to use this directory for user provisioning. Mandatory: Yes. Type: Boolean. |
authentication | Whether or not to use this directory for authentication. Mandatory: Yes. Type: Boolean. |
useLDAPCertificatesOnly | Determines whether the user certificate domain name can be set manually, or taken from the directory. Mandatory: Yes. Type: Boolean. |
disablePaging | Determines whether or not to use page mode search while searching in the LDAP directory. Mandatory: No. Type: Boolean. |
provisionDisabledUsers | Whether or not LDAP disabled users are created in the Vault. Mandatory: Yes. Type: Boolean. |
dcList (A list of host servers for External Directory)
Parameter | Description |
---|---|
Name | The name of the server where the external directory is installed. Type: String. |
Port | The port through which the external directory is accessed. Type: Integer. |
SSLConnect | Whether or not to connect to the external directory using SSL. Type: Boolean. |
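
Because the result includes bindPassword alongside the connection settings, a consumer of this response should mask the password before logging and review the SSL-related fields. The following is an added example, not code from the product or its documentation; it assumes the response is a flat JSON object using the field names from the tables above, and the sample values are constructed.

```python
import copy

# Constructed sample; the flat JSON shape is an assumption,
# the field names are taken from the Result and dcList tables.
SAMPLE = {
    "domainName": "corp.example",
    "bindUsername": "CN=svc-bind,OU=Service,DC=corp,DC=example",
    "bindPassword": "constructed-secret",
    "sslConnect": False,
    "authentication": True,
    "provisionDisabledUsers": True,
    "disableUserEnumeration": False,
    "dcList": [
        {"Name": "dc1.corp.example", "Port": 636, "SSLConnect": True},
        {"Name": "dc2.corp.example", "Port": 389, "SSLConnect": False},
    ],
}

def redact(details):
    """Return a copy that is safe to log: the bind password is masked."""
    safe = copy.deepcopy(details)
    if "bindPassword" in safe:
        safe["bindPassword"] = "<redacted>"
    return safe

def audit(details):
    """Return a list of (field, message) findings for one directory."""
    findings = []
    if details.get("sslConnect") is not True:
        msg = "directory connection does not use SSL"
        if details.get("authentication"):
            msg += "; the directory is also used for authentication"
        findings.append(("sslConnect", msg))
    for dc in details.get("dcList") or []:
        if dc.get("SSLConnect") is not True:
            findings.append((f"dcList[{dc.get('Name')}]",
                             f"host on port {dc.get('Port')} is reached without SSL"))
    if details.get("provisionDisabledUsers"):
        findings.append(("provisionDisabledUsers",
                         "disabled LDAP users are created in the Vault"))
    if details.get("disableUserEnumeration") is not True:
        findings.append(("disableUserEnumeration",
                         "user enumeration for Safe ownership lookups is not disabled"))
    return findings

if __name__ == "__main__":
    print(redact(SAMPLE))
    for field, message in audit(SAMPLE):
        print(f"{field}: {message}")
```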
Return codes
For a complete list of return codes, see Return Codes.