Get directory mapping list

This method returns a list of existing directory mappings in the Vault.

To run this web service, the user must be a member of the Vault Admins group and have the following permissions:

  • Manage Directory Mapping

URL

 

Make sure there are no spaces in the URL.

The following characters are not supported in URL values: + & %

 

https://<IIS_Server_Ip>/PasswordVault/api/Configuration/LDAP/Directories/{DomainName}/Mappings

The following mandatory value is required in the URL:

Parameter

DomainName

Type

String

Description

The URL of the domain.

Resource Information

HTTP method

GET

Content type

application/json

Header parameter

Parameter

Authorization

Type

String

Description

The token that identifies the session.

Valid values

A session token that was returned from the “Logon” method, encoded in BASE 64.

Body parameters

None

Result

 
[
{
"LDAPBranch": "string",
"VaultGroups": [
"string"
],
"MappingAuthorizations": [
"AddUpdateUsers"
],
"Location": "string",
"AuthenticationMethod": [
"AuthTypePass"
],
"UserType": "string",
"DisableUser": true,
"UserActivityLogPeriod": 0,
"UserExpiration": 0,
"LogonFromHour": 0,
"LogonToHour": 0,
"MappingID": 0,
"DirectoryMappingOrder": 0,
"MappingName": "string",
"LDAPQuery": "string",
"DomainGroups": [
"string"
]
}
]

 

Parameter

MappingID

Type

Unique ID of the directory mapping.

Description

String

Parameter

MappingName

Type

String

Description

The name of the PAS role that was created.
For example: Vault Admins, Safe Managers.

Parameter

DirectoryMappingOrder

Type

Integer

Description

The order in which Maps are matched with users and groups from the External Directory when determining if they can be created in the Vault.

Parameter

LDAPBranch

Type

String

Description

The LDAP branch that is used for external directory queries.

Parameter

DomainGroups

Type

String

Description

Users who belong to these LDAP groups will be automatically assigned to the relevant roles in the PAS system.

Parameter

ldapQuery

Type

String

Description

The filter that will be applied to users in the specified branch to ensure that only certain users will have access to the Vault.

Parameter

vaultGroups

Type

String

Description

Built-in Vault groups to which mapped users will be added.

Parameter

authenticationMethod

Type

String

Description

The authentication method that users belong to this map will use to log onto the Vault.

Parameter

userType

Type

String

Description

The interfaces that users in the current mapping can use to access the Vault.

Parameter

disableUser

Type

Boolean

Description

Whether or not the users in the current mapping are temporarily inaccessible.

Parameter

userActivityLogPeriod

Type

Integer

Description

The number of days that activity records for users in the current mapping are stored in the Vault before they can be deleted.

Parameter

userExpiration

Type

Integer

Description

The date in Unix time after which user accounts in the current mapping are no longer accessible. '0' (zero) indicates never.

Parameter

logonFromHour

Type

Integer

Description

The time from when users in the current mapping can log onto the Vault. If this parameter is not returned, users can log onto the Vault at any time.

Parameter

logonToHour

Type

Integer

Description

The time until when users in the current mapping can log onto the Vault. If this parameter is not returned, users can log onto the Vault at any time.

Parameter

MappingAuthorization

Type

List of Strings

Description

The security attributes and authorizations that will be applied when an LDAP User Account is created in the Vault.

Parameter

Locations

Type

String

Description

The Vault location where users in the current mapping are added.

Return Codes

For a complete list of return codes, see Return Codes.