Fortios v0.0.6, Jul 9 24

Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

fortios.user.Ldap

Explore with Pulumi AI

Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as fortios from "@pulumiverse/fortios";

const trname = new fortios.user.Ldap("trname", {
    accountKeyFilter: "(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))",
    accountKeyProcessing: "same",
    cnid: "cn",
    dn: "EIWNCIEW",
    groupMemberCheck: "user-attr",
    groupObjectFilter: "(&(objectcategory=group)(member=*))",
    memberAttr: "memberOf",
    passwordExpiryWarning: "disable",
    passwordRenewal: "disable",
    port: 389,
    secure: "disable",
    server: "1.1.1.1",
    serverIdentityCheck: "disable",
    sourceIp: "0.0.0.0",
    sslMinProtoVersion: "default",
    type: "simple",
});

import pulumi
import pulumiverse_fortios as fortios

trname = fortios.user.Ldap("trname",
    account_key_filter="(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))",
    account_key_processing="same",
    cnid="cn",
    dn="EIWNCIEW",
    group_member_check="user-attr",
    group_object_filter="(&(objectcategory=group)(member=*))",
    member_attr="memberOf",
    password_expiry_warning="disable",
    password_renewal="disable",
    port=389,
    secure="disable",
    server="1.1.1.1",
    server_identity_check="disable",
    source_ip="0.0.0.0",
    ssl_min_proto_version="default",
    type="simple")

package main

import (
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/user"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := user.NewLdap(ctx, "trname", &user.LdapArgs{
			AccountKeyFilter:      pulumi.String("(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))"),
			AccountKeyProcessing:  pulumi.String("same"),
			Cnid:                  pulumi.String("cn"),
			Dn:                    pulumi.String("EIWNCIEW"),
			GroupMemberCheck:      pulumi.String("user-attr"),
			GroupObjectFilter:     pulumi.String("(&(objectcategory=group)(member=*))"),
			MemberAttr:            pulumi.String("memberOf"),
			PasswordExpiryWarning: pulumi.String("disable"),
			PasswordRenewal:       pulumi.String("disable"),
			Port:                  pulumi.Int(389),
			Secure:                pulumi.String("disable"),
			Server:                pulumi.String("1.1.1.1"),
			ServerIdentityCheck:   pulumi.String("disable"),
			SourceIp:              pulumi.String("0.0.0.0"),
			SslMinProtoVersion:    pulumi.String("default"),
			Type:                  pulumi.String("simple"),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Fortios = Pulumiverse.Fortios;

return await Deployment.RunAsync(() => 
{
    var trname = new Fortios.User.Ldap("trname", new()
    {
        AccountKeyFilter = "(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))",
        AccountKeyProcessing = "same",
        Cnid = "cn",
        Dn = "EIWNCIEW",
        GroupMemberCheck = "user-attr",
        GroupObjectFilter = "(&(objectcategory=group)(member=*))",
        MemberAttr = "memberOf",
        PasswordExpiryWarning = "disable",
        PasswordRenewal = "disable",
        Port = 389,
        Secure = "disable",
        Server = "1.1.1.1",
        ServerIdentityCheck = "disable",
        SourceIp = "0.0.0.0",
        SslMinProtoVersion = "default",
        Type = "simple",
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.fortios.user.Ldap;
import com.pulumi.fortios.user.LdapArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var trname = new Ldap("trname", LdapArgs.builder()
            .accountKeyFilter("(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))")
            .accountKeyProcessing("same")
            .cnid("cn")
            .dn("EIWNCIEW")
            .groupMemberCheck("user-attr")
            .groupObjectFilter("(&(objectcategory=group)(member=*))")
            .memberAttr("memberOf")
            .passwordExpiryWarning("disable")
            .passwordRenewal("disable")
            .port(389)
            .secure("disable")
            .server("1.1.1.1")
            .serverIdentityCheck("disable")
            .sourceIp("0.0.0.0")
            .sslMinProtoVersion("default")
            .type("simple")
            .build());

    }
}

resources:
  trname:
    type: fortios:user:Ldap
    properties:
      accountKeyFilter: (&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))
      accountKeyProcessing: same
      cnid: cn
      dn: EIWNCIEW
      groupMemberCheck: user-attr
      groupObjectFilter: (&(objectcategory=group)(member=*))
      memberAttr: memberOf
      passwordExpiryWarning: disable
      passwordRenewal: disable
      port: 389
      secure: disable
      server: 1.1.1.1
      serverIdentityCheck: disable
      sourceIp: 0.0.0.0
      sslMinProtoVersion: default
      type: simple

Create Ldap Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Ldap(name: string, args: LdapArgs, opts?: CustomResourceOptions);

@overload
def Ldap(resource_name: str,
         args: LdapArgs,
         opts: Optional[ResourceOptions] = None)

@overload
def Ldap(resource_name: str,
         opts: Optional[ResourceOptions] = None,
         dn: Optional[str] = None,
         server: Optional[str] = None,
         password_attr: Optional[str] = None,
         two_factor_filter: Optional[str] = None,
         antiphish: Optional[str] = None,
         ca_cert: Optional[str] = None,
         client_cert: Optional[str] = None,
         client_cert_auth: Optional[str] = None,
         account_key_cert_field: Optional[str] = None,
         account_key_processing: Optional[str] = None,
         group_filter: Optional[str] = None,
         group_member_check: Optional[str] = None,
         group_object_filter: Optional[str] = None,
         group_search_base: Optional[str] = None,
         interface: Optional[str] = None,
         interface_select_method: Optional[str] = None,
         member_attr: Optional[str] = None,
         name: Optional[str] = None,
         obtain_user_info: Optional[str] = None,
         password_renewal: Optional[str] = None,
         cnid: Optional[str] = None,
         account_key_upn_san: Optional[str] = None,
         password: Optional[str] = None,
         port: Optional[int] = None,
         search_type: Optional[str] = None,
         secondary_server: Optional[str] = None,
         secure: Optional[str] = None,
         account_key_filter: Optional[str] = None,
         server_identity_check: Optional[str] = None,
         source_ip: Optional[str] = None,
         source_port: Optional[int] = None,
         ssl_min_proto_version: Optional[str] = None,
         status_ttl: Optional[int] = None,
         tertiary_server: Optional[str] = None,
         two_factor: Optional[str] = None,
         two_factor_authentication: Optional[str] = None,
         password_expiry_warning: Optional[str] = None,
         two_factor_notification: Optional[str] = None,
         type: Optional[str] = None,
         user_info_exchange_server: Optional[str] = None,
         username: Optional[str] = None,
         vdomparam: Optional[str] = None)

func NewLdap(ctx *Context, name string, args LdapArgs, opts ...ResourceOption) (*Ldap, error)

public Ldap(string name, LdapArgs args, CustomResourceOptions? opts = null)

public Ldap(String name, LdapArgs args)
public Ldap(String name, LdapArgs args, CustomResourceOptions options)

type: fortios:user:Ldap
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args LdapArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args LdapArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args LdapArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args LdapArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args LdapArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var ldapResource = new Fortios.User.Ldap("ldapResource", new()
{
    Dn = "string",
    Server = "string",
    PasswordAttr = "string",
    TwoFactorFilter = "string",
    Antiphish = "string",
    CaCert = "string",
    ClientCert = "string",
    ClientCertAuth = "string",
    AccountKeyCertField = "string",
    AccountKeyProcessing = "string",
    GroupFilter = "string",
    GroupMemberCheck = "string",
    GroupObjectFilter = "string",
    GroupSearchBase = "string",
    Interface = "string",
    InterfaceSelectMethod = "string",
    MemberAttr = "string",
    Name = "string",
    ObtainUserInfo = "string",
    PasswordRenewal = "string",
    Cnid = "string",
    AccountKeyUpnSan = "string",
    Password = "string",
    Port = 0,
    SearchType = "string",
    SecondaryServer = "string",
    Secure = "string",
    AccountKeyFilter = "string",
    ServerIdentityCheck = "string",
    SourceIp = "string",
    SourcePort = 0,
    SslMinProtoVersion = "string",
    StatusTtl = 0,
    TertiaryServer = "string",
    TwoFactor = "string",
    TwoFactorAuthentication = "string",
    PasswordExpiryWarning = "string",
    TwoFactorNotification = "string",
    Type = "string",
    UserInfoExchangeServer = "string",
    Username = "string",
    Vdomparam = "string",
});

example, err := user.NewLdap(ctx, "ldapResource", &user.LdapArgs{
	Dn:                      pulumi.String("string"),
	Server:                  pulumi.String("string"),
	PasswordAttr:            pulumi.String("string"),
	TwoFactorFilter:         pulumi.String("string"),
	Antiphish:               pulumi.String("string"),
	CaCert:                  pulumi.String("string"),
	ClientCert:              pulumi.String("string"),
	ClientCertAuth:          pulumi.String("string"),
	AccountKeyCertField:     pulumi.String("string"),
	AccountKeyProcessing:    pulumi.String("string"),
	GroupFilter:             pulumi.String("string"),
	GroupMemberCheck:        pulumi.String("string"),
	GroupObjectFilter:       pulumi.String("string"),
	GroupSearchBase:         pulumi.String("string"),
	Interface:               pulumi.String("string"),
	InterfaceSelectMethod:   pulumi.String("string"),
	MemberAttr:              pulumi.String("string"),
	Name:                    pulumi.String("string"),
	ObtainUserInfo:          pulumi.String("string"),
	PasswordRenewal:         pulumi.String("string"),
	Cnid:                    pulumi.String("string"),
	AccountKeyUpnSan:        pulumi.String("string"),
	Password:                pulumi.String("string"),
	Port:                    pulumi.Int(0),
	SearchType:              pulumi.String("string"),
	SecondaryServer:         pulumi.String("string"),
	Secure:                  pulumi.String("string"),
	AccountKeyFilter:        pulumi.String("string"),
	ServerIdentityCheck:     pulumi.String("string"),
	SourceIp:                pulumi.String("string"),
	SourcePort:              pulumi.Int(0),
	SslMinProtoVersion:      pulumi.String("string"),
	StatusTtl:               pulumi.Int(0),
	TertiaryServer:          pulumi.String("string"),
	TwoFactor:               pulumi.String("string"),
	TwoFactorAuthentication: pulumi.String("string"),
	PasswordExpiryWarning:   pulumi.String("string"),
	TwoFactorNotification:   pulumi.String("string"),
	Type:                    pulumi.String("string"),
	UserInfoExchangeServer:  pulumi.String("string"),
	Username:                pulumi.String("string"),
	Vdomparam:               pulumi.String("string"),
})

var ldapResource = new Ldap("ldapResource", LdapArgs.builder()
    .dn("string")
    .server("string")
    .passwordAttr("string")
    .twoFactorFilter("string")
    .antiphish("string")
    .caCert("string")
    .clientCert("string")
    .clientCertAuth("string")
    .accountKeyCertField("string")
    .accountKeyProcessing("string")
    .groupFilter("string")
    .groupMemberCheck("string")
    .groupObjectFilter("string")
    .groupSearchBase("string")
    .interface_("string")
    .interfaceSelectMethod("string")
    .memberAttr("string")
    .name("string")
    .obtainUserInfo("string")
    .passwordRenewal("string")
    .cnid("string")
    .accountKeyUpnSan("string")
    .password("string")
    .port(0)
    .searchType("string")
    .secondaryServer("string")
    .secure("string")
    .accountKeyFilter("string")
    .serverIdentityCheck("string")
    .sourceIp("string")
    .sourcePort(0)
    .sslMinProtoVersion("string")
    .statusTtl(0)
    .tertiaryServer("string")
    .twoFactor("string")
    .twoFactorAuthentication("string")
    .passwordExpiryWarning("string")
    .twoFactorNotification("string")
    .type("string")
    .userInfoExchangeServer("string")
    .username("string")
    .vdomparam("string")
    .build());

ldap_resource = fortios.user.Ldap("ldapResource",
    dn="string",
    server="string",
    password_attr="string",
    two_factor_filter="string",
    antiphish="string",
    ca_cert="string",
    client_cert="string",
    client_cert_auth="string",
    account_key_cert_field="string",
    account_key_processing="string",
    group_filter="string",
    group_member_check="string",
    group_object_filter="string",
    group_search_base="string",
    interface="string",
    interface_select_method="string",
    member_attr="string",
    name="string",
    obtain_user_info="string",
    password_renewal="string",
    cnid="string",
    account_key_upn_san="string",
    password="string",
    port=0,
    search_type="string",
    secondary_server="string",
    secure="string",
    account_key_filter="string",
    server_identity_check="string",
    source_ip="string",
    source_port=0,
    ssl_min_proto_version="string",
    status_ttl=0,
    tertiary_server="string",
    two_factor="string",
    two_factor_authentication="string",
    password_expiry_warning="string",
    two_factor_notification="string",
    type="string",
    user_info_exchange_server="string",
    username="string",
    vdomparam="string")

const ldapResource = new fortios.user.Ldap("ldapResource", {
    dn: "string",
    server: "string",
    passwordAttr: "string",
    twoFactorFilter: "string",
    antiphish: "string",
    caCert: "string",
    clientCert: "string",
    clientCertAuth: "string",
    accountKeyCertField: "string",
    accountKeyProcessing: "string",
    groupFilter: "string",
    groupMemberCheck: "string",
    groupObjectFilter: "string",
    groupSearchBase: "string",
    "interface": "string",
    interfaceSelectMethod: "string",
    memberAttr: "string",
    name: "string",
    obtainUserInfo: "string",
    passwordRenewal: "string",
    cnid: "string",
    accountKeyUpnSan: "string",
    password: "string",
    port: 0,
    searchType: "string",
    secondaryServer: "string",
    secure: "string",
    accountKeyFilter: "string",
    serverIdentityCheck: "string",
    sourceIp: "string",
    sourcePort: 0,
    sslMinProtoVersion: "string",
    statusTtl: 0,
    tertiaryServer: "string",
    twoFactor: "string",
    twoFactorAuthentication: "string",
    passwordExpiryWarning: "string",
    twoFactorNotification: "string",
    type: "string",
    userInfoExchangeServer: "string",
    username: "string",
    vdomparam: "string",
});

type: fortios:user:Ldap
properties:
    accountKeyCertField: string
    accountKeyFilter: string
    accountKeyProcessing: string
    accountKeyUpnSan: string
    antiphish: string
    caCert: string
    clientCert: string
    clientCertAuth: string
    cnid: string
    dn: string
    groupFilter: string
    groupMemberCheck: string
    groupObjectFilter: string
    groupSearchBase: string
    interface: string
    interfaceSelectMethod: string
    memberAttr: string
    name: string
    obtainUserInfo: string
    password: string
    passwordAttr: string
    passwordExpiryWarning: string
    passwordRenewal: string
    port: 0
    searchType: string
    secondaryServer: string
    secure: string
    server: string
    serverIdentityCheck: string
    sourceIp: string
    sourcePort: 0
    sslMinProtoVersion: string
    statusTtl: 0
    tertiaryServer: string
    twoFactor: string
    twoFactorAuthentication: string
    twoFactorFilter: string
    twoFactorNotification: string
    type: string
    userInfoExchangeServer: string
    username: string
    vdomparam: string

Ldap Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Ldap resource accepts the following input properties:

Dn string: Distinguished name used to look up entries on the LDAP server.
Server string: LDAP server CN domain name or IP.
AccountKeyCertField string: Define subject identity field in certificate for user access right checking.
AccountKeyFilter string: Account key filter, using the UPN as the search filter.
AccountKeyProcessing string: Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
AccountKeyUpnSan string: Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
Antiphish string: Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
CaCert string: CA certificate name.
ClientCert string: Client certificate name.
ClientCertAuth string: Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
Cnid string: Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
GroupFilter string: Filter used for group matching.
GroupMemberCheck string: Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
GroupObjectFilter string: Filter used for group searching.
GroupSearchBase string: Search base used for group searching.
Interface string: Specify outgoing interface to reach server.
InterfaceSelectMethod string: Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
MemberAttr string: Name of attribute from which to get group membership.
Name string: LDAP server entry name.
ObtainUserInfo string: Enable/disable obtaining of user information. Valid values: enable, disable.
Password string: Password for initial binding.
PasswordAttr string: Name of attribute to get password hash.
PasswordExpiryWarning string: Enable/disable password expiry warnings. Valid values: enable, disable.
PasswordRenewal string: Enable/disable online password renewal. Valid values: enable, disable.
Port int: Port to be used for communication with the LDAP server (default = 389).
SearchType string: Search type. Valid values: recursive.
SecondaryServer string: Secondary LDAP server CN domain name or IP.
Secure string: Port to be used for authentication. Valid values: disable, starttls, ldaps.
ServerIdentityCheck string: Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
SourceIp string: Source IP for communications to LDAP server.
SourcePort int: Source port to be used for communication with the LDAP server.
SslMinProtoVersion string: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
StatusTtl int: Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
TertiaryServer string: Tertiary LDAP server CN domain name or IP.
TwoFactor string: Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
TwoFactorAuthentication string: Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
TwoFactorFilter string: Filter used to synchronize users to FortiToken Cloud.
TwoFactorNotification string: Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
Type string: Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
UserInfoExchangeServer string: MS Exchange server from which to fetch user information.
Username string: Username (full DN) for initial binding.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

Dn string: Distinguished name used to look up entries on the LDAP server.
Server string: LDAP server CN domain name or IP.
AccountKeyCertField string: Define subject identity field in certificate for user access right checking.
AccountKeyFilter string: Account key filter, using the UPN as the search filter.
AccountKeyProcessing string: Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
AccountKeyUpnSan string: Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
Antiphish string: Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
CaCert string: CA certificate name.
ClientCert string: Client certificate name.
ClientCertAuth string: Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
Cnid string: Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
GroupFilter string: Filter used for group matching.
GroupMemberCheck string: Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
GroupObjectFilter string: Filter used for group searching.
GroupSearchBase string: Search base used for group searching.
Interface string: Specify outgoing interface to reach server.
InterfaceSelectMethod string: Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
MemberAttr string: Name of attribute from which to get group membership.
Name string: LDAP server entry name.
ObtainUserInfo string: Enable/disable obtaining of user information. Valid values: enable, disable.
Password string: Password for initial binding.
PasswordAttr string: Name of attribute to get password hash.
PasswordExpiryWarning string: Enable/disable password expiry warnings. Valid values: enable, disable.
PasswordRenewal string: Enable/disable online password renewal. Valid values: enable, disable.
Port int: Port to be used for communication with the LDAP server (default = 389).
SearchType string: Search type. Valid values: recursive.
SecondaryServer string: Secondary LDAP server CN domain name or IP.
Secure string: Port to be used for authentication. Valid values: disable, starttls, ldaps.
ServerIdentityCheck string: Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
SourceIp string: Source IP for communications to LDAP server.
SourcePort int: Source port to be used for communication with the LDAP server.
SslMinProtoVersion string: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
StatusTtl int: Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
TertiaryServer string: Tertiary LDAP server CN domain name or IP.
TwoFactor string: Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
TwoFactorAuthentication string: Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
TwoFactorFilter string: Filter used to synchronize users to FortiToken Cloud.
TwoFactorNotification string: Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
Type string: Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
UserInfoExchangeServer string: MS Exchange server from which to fetch user information.
Username string: Username (full DN) for initial binding.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

dn String: Distinguished name used to look up entries on the LDAP server.
server String: LDAP server CN domain name or IP.
accountKeyCertField String: Define subject identity field in certificate for user access right checking.
accountKeyFilter String: Account key filter, using the UPN as the search filter.
accountKeyProcessing String: Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
accountKeyUpnSan String: Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
antiphish String: Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
caCert String: CA certificate name.
clientCert String: Client certificate name.
clientCertAuth String: Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
cnid String: Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
groupFilter String: Filter used for group matching.
groupMemberCheck String: Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
groupObjectFilter String: Filter used for group searching.
groupSearchBase String: Search base used for group searching.
interfaceSelectMethod String: Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
interface_ String: Specify outgoing interface to reach server.
memberAttr String: Name of attribute from which to get group membership.
name String: LDAP server entry name.
obtainUserInfo String: Enable/disable obtaining of user information. Valid values: enable, disable.
password String: Password for initial binding.
passwordAttr String: Name of attribute to get password hash.
passwordExpiryWarning String: Enable/disable password expiry warnings. Valid values: enable, disable.
passwordRenewal String: Enable/disable online password renewal. Valid values: enable, disable.
port Integer: Port to be used for communication with the LDAP server (default = 389).
searchType String: Search type. Valid values: recursive.
secondaryServer String: Secondary LDAP server CN domain name or IP.
secure String: Port to be used for authentication. Valid values: disable, starttls, ldaps.
serverIdentityCheck String: Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
sourceIp String: Source IP for communications to LDAP server.
sourcePort Integer: Source port to be used for communication with the LDAP server.
sslMinProtoVersion String: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
statusTtl Integer: Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
tertiaryServer String: Tertiary LDAP server CN domain name or IP.
twoFactor String: Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
twoFactorAuthentication String: Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
twoFactorFilter String: Filter used to synchronize users to FortiToken Cloud.
twoFactorNotification String: Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
type String: Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
userInfoExchangeServer String: MS Exchange server from which to fetch user information.
username String: Username (full DN) for initial binding.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

dn string: Distinguished name used to look up entries on the LDAP server.
server string: LDAP server CN domain name or IP.
accountKeyCertField string: Define subject identity field in certificate for user access right checking.
accountKeyFilter string: Account key filter, using the UPN as the search filter.
accountKeyProcessing string: Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
accountKeyUpnSan string: Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
antiphish string: Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
caCert string: CA certificate name.
clientCert string: Client certificate name.
clientCertAuth string: Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
cnid string: Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
groupFilter string: Filter used for group matching.
groupMemberCheck string: Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
groupObjectFilter string: Filter used for group searching.
groupSearchBase string: Search base used for group searching.
interface string: Specify outgoing interface to reach server.
interfaceSelectMethod string: Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
memberAttr string: Name of attribute from which to get group membership.
name string: LDAP server entry name.
obtainUserInfo string: Enable/disable obtaining of user information. Valid values: enable, disable.
password string: Password for initial binding.
passwordAttr string: Name of attribute to get password hash.
passwordExpiryWarning string: Enable/disable password expiry warnings. Valid values: enable, disable.
passwordRenewal string: Enable/disable online password renewal. Valid values: enable, disable.
port number: Port to be used for communication with the LDAP server (default = 389).
searchType string: Search type. Valid values: recursive.
secondaryServer string: Secondary LDAP server CN domain name or IP.
secure string: Port to be used for authentication. Valid values: disable, starttls, ldaps.
serverIdentityCheck string: Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
sourceIp string: Source IP for communications to LDAP server.
sourcePort number: Source port to be used for communication with the LDAP server.
sslMinProtoVersion string: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
statusTtl number: Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
tertiaryServer string: Tertiary LDAP server CN domain name or IP.
twoFactor string: Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
twoFactorAuthentication string: Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
twoFactorFilter string: Filter used to synchronize users to FortiToken Cloud.
twoFactorNotification string: Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
type string: Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
userInfoExchangeServer string: MS Exchange server from which to fetch user information.
username string: Username (full DN) for initial binding.
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

dn str: Distinguished name used to look up entries on the LDAP server.
server str: LDAP server CN domain name or IP.
account_key_cert_field str: Define subject identity field in certificate for user access right checking.
account_key_filter str: Account key filter, using the UPN as the search filter.
account_key_processing str: Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
account_key_upn_san str: Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
antiphish str: Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
ca_cert str: CA certificate name.
client_cert str: Client certificate name.
client_cert_auth str: Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
cnid str: Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
group_filter str: Filter used for group matching.
group_member_check str: Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
group_object_filter str: Filter used for group searching.
group_search_base str: Search base used for group searching.
interface str: Specify outgoing interface to reach server.
interface_select_method str: Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
member_attr str: Name of attribute from which to get group membership.
name str: LDAP server entry name.
obtain_user_info str: Enable/disable obtaining of user information. Valid values: enable, disable.
password str: Password for initial binding.
password_attr str: Name of attribute to get password hash.
password_expiry_warning str: Enable/disable password expiry warnings. Valid values: enable, disable.
password_renewal str: Enable/disable online password renewal. Valid values: enable, disable.
port int: Port to be used for communication with the LDAP server (default = 389).
search_type str: Search type. Valid values: recursive.
secondary_server str: Secondary LDAP server CN domain name or IP.
secure str: Port to be used for authentication. Valid values: disable, starttls, ldaps.
server_identity_check str: Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
source_ip str: Source IP for communications to LDAP server.
source_port int: Source port to be used for communication with the LDAP server.
ssl_min_proto_version str: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
status_ttl int: Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
tertiary_server str: Tertiary LDAP server CN domain name or IP.
two_factor str: Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
two_factor_authentication str: Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
two_factor_filter str: Filter used to synchronize users to FortiToken Cloud.
two_factor_notification str: Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
type str: Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
user_info_exchange_server str: MS Exchange server from which to fetch user information.
username str: Username (full DN) for initial binding.
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

dn String: Distinguished name used to look up entries on the LDAP server.
server String: LDAP server CN domain name or IP.
accountKeyCertField String: Define subject identity field in certificate for user access right checking.
accountKeyFilter String: Account key filter, using the UPN as the search filter.
accountKeyProcessing String: Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
accountKeyUpnSan String: Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
antiphish String: Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
caCert String: CA certificate name.
clientCert String: Client certificate name.
clientCertAuth String: Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
cnid String: Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
groupFilter String: Filter used for group matching.
groupMemberCheck String: Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
groupObjectFilter String: Filter used for group searching.
groupSearchBase String: Search base used for group searching.
interface String: Specify outgoing interface to reach server.
interfaceSelectMethod String: Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
memberAttr String: Name of attribute from which to get group membership.
name String: LDAP server entry name.
obtainUserInfo String: Enable/disable obtaining of user information. Valid values: enable, disable.
password String: Password for initial binding.
passwordAttr String: Name of attribute to get password hash.
passwordExpiryWarning String: Enable/disable password expiry warnings. Valid values: enable, disable.
passwordRenewal String: Enable/disable online password renewal. Valid values: enable, disable.
port Number: Port to be used for communication with the LDAP server (default = 389).
searchType String: Search type. Valid values: recursive.
secondaryServer String: Secondary LDAP server CN domain name or IP.
secure String: Port to be used for authentication. Valid values: disable, starttls, ldaps.
serverIdentityCheck String: Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
sourceIp String: Source IP for communications to LDAP server.
sourcePort Number: Source port to be used for communication with the LDAP server.
sslMinProtoVersion String: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
statusTtl Number: Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
tertiaryServer String: Tertiary LDAP server CN domain name or IP.
twoFactor String: Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
twoFactorAuthentication String: Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
twoFactorFilter String: Filter used to synchronize users to FortiToken Cloud.
twoFactorNotification String: Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
type String: Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
userInfoExchangeServer String: MS Exchange server from which to fetch user information.
username String: Username (full DN) for initial binding.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

Outputs

All input properties are implicitly available as output properties. Additionally, the Ldap resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing Ldap Resource

Get an existing Ldap resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: LdapState, opts?: CustomResourceOptions): Ldap

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        account_key_cert_field: Optional[str] = None,
        account_key_filter: Optional[str] = None,
        account_key_processing: Optional[str] = None,
        account_key_upn_san: Optional[str] = None,
        antiphish: Optional[str] = None,
        ca_cert: Optional[str] = None,
        client_cert: Optional[str] = None,
        client_cert_auth: Optional[str] = None,
        cnid: Optional[str] = None,
        dn: Optional[str] = None,
        group_filter: Optional[str] = None,
        group_member_check: Optional[str] = None,
        group_object_filter: Optional[str] = None,
        group_search_base: Optional[str] = None,
        interface: Optional[str] = None,
        interface_select_method: Optional[str] = None,
        member_attr: Optional[str] = None,
        name: Optional[str] = None,
        obtain_user_info: Optional[str] = None,
        password: Optional[str] = None,
        password_attr: Optional[str] = None,
        password_expiry_warning: Optional[str] = None,
        password_renewal: Optional[str] = None,
        port: Optional[int] = None,
        search_type: Optional[str] = None,
        secondary_server: Optional[str] = None,
        secure: Optional[str] = None,
        server: Optional[str] = None,
        server_identity_check: Optional[str] = None,
        source_ip: Optional[str] = None,
        source_port: Optional[int] = None,
        ssl_min_proto_version: Optional[str] = None,
        status_ttl: Optional[int] = None,
        tertiary_server: Optional[str] = None,
        two_factor: Optional[str] = None,
        two_factor_authentication: Optional[str] = None,
        two_factor_filter: Optional[str] = None,
        two_factor_notification: Optional[str] = None,
        type: Optional[str] = None,
        user_info_exchange_server: Optional[str] = None,
        username: Optional[str] = None,
        vdomparam: Optional[str] = None) -> Ldap

func GetLdap(ctx *Context, name string, id IDInput, state *LdapState, opts ...ResourceOption) (*Ldap, error)

public static Ldap Get(string name, Input<string> id, LdapState? state, CustomResourceOptions? opts = null)

public static Ldap get(String name, Output<String> id, LdapState state, CustomResourceOptions options)

resources:  _:    type: fortios:user:Ldap    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AccountKeyCertField string: Define subject identity field in certificate for user access right checking.
AccountKeyFilter string: Account key filter, using the UPN as the search filter.
AccountKeyProcessing string: Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
AccountKeyUpnSan string: Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
Antiphish string: Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
CaCert string: CA certificate name.
ClientCert string: Client certificate name.
ClientCertAuth string: Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
Cnid string: Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
Dn string: Distinguished name used to look up entries on the LDAP server.
GroupFilter string: Filter used for group matching.
GroupMemberCheck string: Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
GroupObjectFilter string: Filter used for group searching.
GroupSearchBase string: Search base used for group searching.
Interface string: Specify outgoing interface to reach server.
InterfaceSelectMethod string: Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
MemberAttr string: Name of attribute from which to get group membership.
Name string: LDAP server entry name.
ObtainUserInfo string: Enable/disable obtaining of user information. Valid values: enable, disable.
Password string: Password for initial binding.
PasswordAttr string: Name of attribute to get password hash.
PasswordExpiryWarning string: Enable/disable password expiry warnings. Valid values: enable, disable.
PasswordRenewal string: Enable/disable online password renewal. Valid values: enable, disable.
Port int: Port to be used for communication with the LDAP server (default = 389).
SearchType string: Search type. Valid values: recursive.
SecondaryServer string: Secondary LDAP server CN domain name or IP.
Secure string: Port to be used for authentication. Valid values: disable, starttls, ldaps.
Server string: LDAP server CN domain name or IP.
ServerIdentityCheck string: Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
SourceIp string: Source IP for communications to LDAP server.
SourcePort int: Source port to be used for communication with the LDAP server.
SslMinProtoVersion string: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
StatusTtl int: Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
TertiaryServer string: Tertiary LDAP server CN domain name or IP.
TwoFactor string: Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
TwoFactorAuthentication string: Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
TwoFactorFilter string: Filter used to synchronize users to FortiToken Cloud.
TwoFactorNotification string: Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
Type string: Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
UserInfoExchangeServer string: MS Exchange server from which to fetch user information.
Username string: Username (full DN) for initial binding.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

AccountKeyCertField string: Define subject identity field in certificate for user access right checking.
AccountKeyFilter string: Account key filter, using the UPN as the search filter.
AccountKeyProcessing string: Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
AccountKeyUpnSan string: Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
Antiphish string: Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
CaCert string: CA certificate name.
ClientCert string: Client certificate name.
ClientCertAuth string: Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
Cnid string: Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
Dn string: Distinguished name used to look up entries on the LDAP server.
GroupFilter string: Filter used for group matching.
GroupMemberCheck string: Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
GroupObjectFilter string: Filter used for group searching.
GroupSearchBase string: Search base used for group searching.
Interface string: Specify outgoing interface to reach server.
InterfaceSelectMethod string: Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
MemberAttr string: Name of attribute from which to get group membership.
Name string: LDAP server entry name.
ObtainUserInfo string: Enable/disable obtaining of user information. Valid values: enable, disable.
Password string: Password for initial binding.
PasswordAttr string: Name of attribute to get password hash.
PasswordExpiryWarning string: Enable/disable password expiry warnings. Valid values: enable, disable.
PasswordRenewal string: Enable/disable online password renewal. Valid values: enable, disable.
Port int: Port to be used for communication with the LDAP server (default = 389).
SearchType string: Search type. Valid values: recursive.
SecondaryServer string: Secondary LDAP server CN domain name or IP.
Secure string: Port to be used for authentication. Valid values: disable, starttls, ldaps.
Server string: LDAP server CN domain name or IP.
ServerIdentityCheck string: Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
SourceIp string: Source IP for communications to LDAP server.
SourcePort int: Source port to be used for communication with the LDAP server.
SslMinProtoVersion string: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
StatusTtl int: Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
TertiaryServer string: Tertiary LDAP server CN domain name or IP.
TwoFactor string: Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
TwoFactorAuthentication string: Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
TwoFactorFilter string: Filter used to synchronize users to FortiToken Cloud.
TwoFactorNotification string: Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
Type string: Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
UserInfoExchangeServer string: MS Exchange server from which to fetch user information.
Username string: Username (full DN) for initial binding.
Vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

accountKeyCertField String: Define subject identity field in certificate for user access right checking.
accountKeyFilter String: Account key filter, using the UPN as the search filter.
accountKeyProcessing String: Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
accountKeyUpnSan String: Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
antiphish String: Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
caCert String: CA certificate name.
clientCert String: Client certificate name.
clientCertAuth String: Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
cnid String: Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
dn String: Distinguished name used to look up entries on the LDAP server.
groupFilter String: Filter used for group matching.
groupMemberCheck String: Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
groupObjectFilter String: Filter used for group searching.
groupSearchBase String: Search base used for group searching.
interfaceSelectMethod String: Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
interface_ String: Specify outgoing interface to reach server.
memberAttr String: Name of attribute from which to get group membership.
name String: LDAP server entry name.
obtainUserInfo String: Enable/disable obtaining of user information. Valid values: enable, disable.
password String: Password for initial binding.
passwordAttr String: Name of attribute to get password hash.
passwordExpiryWarning String: Enable/disable password expiry warnings. Valid values: enable, disable.
passwordRenewal String: Enable/disable online password renewal. Valid values: enable, disable.
port Integer: Port to be used for communication with the LDAP server (default = 389).
searchType String: Search type. Valid values: recursive.
secondaryServer String: Secondary LDAP server CN domain name or IP.
secure String: Port to be used for authentication. Valid values: disable, starttls, ldaps.
server String: LDAP server CN domain name or IP.
serverIdentityCheck String: Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
sourceIp String: Source IP for communications to LDAP server.
sourcePort Integer: Source port to be used for communication with the LDAP server.
sslMinProtoVersion String: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
statusTtl Integer: Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
tertiaryServer String: Tertiary LDAP server CN domain name or IP.
twoFactor String: Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
twoFactorAuthentication String: Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
twoFactorFilter String: Filter used to synchronize users to FortiToken Cloud.
twoFactorNotification String: Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
type String: Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
userInfoExchangeServer String: MS Exchange server from which to fetch user information.
username String: Username (full DN) for initial binding.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

accountKeyCertField string: Define subject identity field in certificate for user access right checking.
accountKeyFilter string: Account key filter, using the UPN as the search filter.
accountKeyProcessing string: Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
accountKeyUpnSan string: Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
antiphish string: Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
caCert string: CA certificate name.
clientCert string: Client certificate name.
clientCertAuth string: Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
cnid string: Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
dn string: Distinguished name used to look up entries on the LDAP server.
groupFilter string: Filter used for group matching.
groupMemberCheck string: Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
groupObjectFilter string: Filter used for group searching.
groupSearchBase string: Search base used for group searching.
interface string: Specify outgoing interface to reach server.
interfaceSelectMethod string: Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
memberAttr string: Name of attribute from which to get group membership.
name string: LDAP server entry name.
obtainUserInfo string: Enable/disable obtaining of user information. Valid values: enable, disable.
password string: Password for initial binding.
passwordAttr string: Name of attribute to get password hash.
passwordExpiryWarning string: Enable/disable password expiry warnings. Valid values: enable, disable.
passwordRenewal string: Enable/disable online password renewal. Valid values: enable, disable.
port number: Port to be used for communication with the LDAP server (default = 389).
searchType string: Search type. Valid values: recursive.
secondaryServer string: Secondary LDAP server CN domain name or IP.
secure string: Port to be used for authentication. Valid values: disable, starttls, ldaps.
server string: LDAP server CN domain name or IP.
serverIdentityCheck string: Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
sourceIp string: Source IP for communications to LDAP server.
sourcePort number: Source port to be used for communication with the LDAP server.
sslMinProtoVersion string: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
statusTtl number: Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
tertiaryServer string: Tertiary LDAP server CN domain name or IP.
twoFactor string: Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
twoFactorAuthentication string: Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
twoFactorFilter string: Filter used to synchronize users to FortiToken Cloud.
twoFactorNotification string: Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
type string: Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
userInfoExchangeServer string: MS Exchange server from which to fetch user information.
username string: Username (full DN) for initial binding.
vdomparam string: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

account_key_cert_field str: Define subject identity field in certificate for user access right checking.
account_key_filter str: Account key filter, using the UPN as the search filter.
account_key_processing str: Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
account_key_upn_san str: Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
antiphish str: Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
ca_cert str: CA certificate name.
client_cert str: Client certificate name.
client_cert_auth str: Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
cnid str: Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
dn str: Distinguished name used to look up entries on the LDAP server.
group_filter str: Filter used for group matching.
group_member_check str: Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
group_object_filter str: Filter used for group searching.
group_search_base str: Search base used for group searching.
interface str: Specify outgoing interface to reach server.
interface_select_method str: Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
member_attr str: Name of attribute from which to get group membership.
name str: LDAP server entry name.
obtain_user_info str: Enable/disable obtaining of user information. Valid values: enable, disable.
password str: Password for initial binding.
password_attr str: Name of attribute to get password hash.
password_expiry_warning str: Enable/disable password expiry warnings. Valid values: enable, disable.
password_renewal str: Enable/disable online password renewal. Valid values: enable, disable.
port int: Port to be used for communication with the LDAP server (default = 389).
search_type str: Search type. Valid values: recursive.
secondary_server str: Secondary LDAP server CN domain name or IP.
secure str: Port to be used for authentication. Valid values: disable, starttls, ldaps.
server str: LDAP server CN domain name or IP.
server_identity_check str: Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
source_ip str: Source IP for communications to LDAP server.
source_port int: Source port to be used for communication with the LDAP server.
ssl_min_proto_version str: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
status_ttl int: Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
tertiary_server str: Tertiary LDAP server CN domain name or IP.
two_factor str: Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
two_factor_authentication str: Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
two_factor_filter str: Filter used to synchronize users to FortiToken Cloud.
two_factor_notification str: Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
type str: Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
user_info_exchange_server str: MS Exchange server from which to fetch user information.
username str: Username (full DN) for initial binding.
vdomparam str: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

accountKeyCertField String: Define subject identity field in certificate for user access right checking.
accountKeyFilter String: Account key filter, using the UPN as the search filter.
accountKeyProcessing String: Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
accountKeyUpnSan String: Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
antiphish String: Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
caCert String: CA certificate name.
clientCert String: Client certificate name.
clientCertAuth String: Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
cnid String: Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
dn String: Distinguished name used to look up entries on the LDAP server.
groupFilter String: Filter used for group matching.
groupMemberCheck String: Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
groupObjectFilter String: Filter used for group searching.
groupSearchBase String: Search base used for group searching.
interface String: Specify outgoing interface to reach server.
interfaceSelectMethod String: Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
memberAttr String: Name of attribute from which to get group membership.
name String: LDAP server entry name.
obtainUserInfo String: Enable/disable obtaining of user information. Valid values: enable, disable.
password String: Password for initial binding.
passwordAttr String: Name of attribute to get password hash.
passwordExpiryWarning String: Enable/disable password expiry warnings. Valid values: enable, disable.
passwordRenewal String: Enable/disable online password renewal. Valid values: enable, disable.
port Number: Port to be used for communication with the LDAP server (default = 389).
searchType String: Search type. Valid values: recursive.
secondaryServer String: Secondary LDAP server CN domain name or IP.
secure String: Port to be used for authentication. Valid values: disable, starttls, ldaps.
server String: LDAP server CN domain name or IP.
serverIdentityCheck String: Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
sourceIp String: Source IP for communications to LDAP server.
sourcePort Number: Source port to be used for communication with the LDAP server.
sslMinProtoVersion String: Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
statusTtl Number: Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
tertiaryServer String: Tertiary LDAP server CN domain name or IP.
twoFactor String: Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
twoFactorAuthentication String: Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
twoFactorFilter String: Filter used to synchronize users to FortiToken Cloud.
twoFactorNotification String: Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
type String: Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
userInfoExchangeServer String: MS Exchange server from which to fetch user information.
username String: Username (full DN) for initial binding.
vdomparam String: Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

Import

User Ldap can be imported using any of these accepted formats:

$ pulumi import fortios:user/ldap:Ldap labelname {{name}}

If you do not want to import arguments of block:

$ export “FORTIOS_IMPORT_TABLE”=“false”

$ pulumi import fortios:user/ldap:Ldap labelname {{name}}

$ unset “FORTIOS_IMPORT_TABLE”

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: fortios pulumiverse/pulumi-fortios
License: Apache-2.0
Notes: This Pulumi package is based on the fortios Terraform Provider.

Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

pulumiverse/pulumi-fortios

fortios.user.Ldap

On this page

On this page

Example Usage

Create Ldap Resource

Constructor syntax

Parameters

Constructor example

Ldap Resource Properties

Inputs

Outputs

Look up Existing Ldap Resource

Import

Package Details

On this page

On this page