Get directory details

This method returns all the details of a specific directory in the Vault. Each directory will be returned with its own data.

To run this web service, the user must be a member of the Vault Admins group and have the following permission:

  • Audit Users

URL

 

https://<IIS_Server_Ip>/PasswordVault/api/Configuration/LDAP/Directories/{id}/

The following mandatory value is required in the URL:

Parameter

id

Type

Integer

Description

Unique ID of the directory

 

 

Make sure you add '/' at the end of the URL of this web service.

Resource Information

HTTP method

GET

Content type

application/json

Header parameter

Parameter

Authorization

Type

String

Description

The token that identifies the session.

Valid values

A session token that was returned from the “Logon” method.

Body parameters

None

Result

Parameter

directoryType

Type

String

Description

The name of the directory profile file that represents the profile the Vault should use when working with the specified LDAP directory.

Taken from a list of predefined directory profiles.

Specify an ini file, including the extension. For example, MicrosoftADProfile.ini.

Parameter

domainName

Type

String

Description

The address of the domain.

Parameter

bindUsername

Type

String

Description

The full Distinguished Name of the Bind user. For Microsoft Active Directory, you can specify the Windows user name instead of the full Distinguished Name. This user must be a member of the same AD Domain group(s) as the external users and groups that will be defined in the Vault.

Parameter

bindPassword

Type

String

Description

The password for the user specified in the Bind User field.

Parameter

domainBaseContext

Type

String

Description

The base context of the External Directory.

Parameter

Port

Type

Int

Description

The port used to access the specified server.

The standard port for SSL LDAP connections is 636, and for non-SSL LDAP connections is 389.

Parameter

sslConnect

Type

Bool

Description

Whether or not to connect to the external directory with SSL.

Parameter

ldapDirectoryName

Type

String

Description

The name of the LDAP directory where users and groups are listed. Note: After external users and groups from this directory have been created in the Vault, this parameter must not be changed.

Parameter

ldapDirectoryQueryOrder

Type

Int

Description

The order in which the Vault will search directories for users before creating a corresponding User Account or Group in the Vault.

Parameter

ldapDirectoryDescription

Type

String

Description

A short description of the LDAP directory.

Parameter

vaultObjectNamesPrefix

Type

String

Description

The text that will be used as a prefix for external users and groups in the Vault created from the specified directory. This parameter is optional. This parameter will be ignored if AddDomainToUserName parameter is set to True.

Parameter

passwordObjectPath

Type

String

Description

The location of the bind password in the Vault Internal Safe.

Parameter

ldapDirectoryGroupsBaseContext

Type

String

Description

The base context that will be used for external directory queries for groups only. This parameter is optional.

Parameter

ldapDirectoryUsage

Type

String

Description

Whether you can create external objects from this external directory, browse it, authenticate users, or do all three.

Possible values: ClientBrowsing, ExternalObjectsCreation, Authentication.

The user is able to set one value, or multiple values separated by comma.

Parameter

referralsChasingHopLimit

Type

Int

Description

The number of recursive LDAP referrals that are chased.

The default value is -1 (unlimited).

Parameter

requireReferredDirectoryDefinition

Type

Bool

Description

Whether or not LDAP referrals are supported when an external directory parameter has been defined in the Vault for the referred directory.

The default value is No.

Parameter

appendFriendlyDomainNameToGroup

Type

Bool

Description

Whether or not to add active directory domain names to the group names provisioned by the Vault.

Parameter

referralsDNSLookup

Type

Bool

Description

Enables referrals to be specified as domain names.

The default value is False.

Note: If this parameter is not enabled, in an SSL or High-Availabilty implementation, a directory file must be created for each domain that will be supported by the Vault. The domain name specified in each parameter file must be mapped in the DomainDNSName parameter in the referred directory. In addition, each referral directory must be defined in the Windows\System32\Etc\Hosts file.

Parameter

disableUserEnumeration

Type

Bool

Description

If set to True, prevents enumerating users from the directory for Safe ownership lockups.

Parameter

additionalQueryFilterOptimize

Type

Bool

Description

Run an additional query filter for a specific user.

Parameter

clientBrowsing

Type

Bool

Description

Whether or not to use this directory for PKI certificate browsing.

Parameter

externalObjectsCreation

Type

Bool

Description

Whether or not to use this directory for user provisioning.

Parameter

authentication

Type

Bool

Description

Whether or not to use this directory for authentication.

Parameter

useLDAPCertificatesOnly

Type

Bool

Description

Determines whether the user certificate domain name can be set manually, or taken from the directory.

Parameter

disablePaging

Type

Bool

Description

Determines whether or not to use page mode search while searching in the LDAP directory.

This parameter is optional.

Parameter

provisionDisabledUsers

Type

Bool

Description

Whether or not LDAP disabled users are created in the Vault.

dcList: A list of host servers for External Directory.

Parameter

Name

Type

String

Description

The name of the server where the external directory is installed.

Parameter

Port

Type

int

Description

The port through which the external directory is accessed.

Parameter

SSLConnect

Type

bool

Description

Whether or not to connect to the external directory using SSL.

Return codes

For a complete list of return codes, see Return Codes.