1. Packages
  2. Fortios
  3. API Docs
  4. user
  5. Ldap
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

fortios.user.Ldap

Explore with Pulumi AI

fortios logo
Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse

    Configure LDAP server entries.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as fortios from "@pulumiverse/fortios";
    
    const trname = new fortios.user.Ldap("trname", {
        accountKeyFilter: "(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))",
        accountKeyProcessing: "same",
        cnid: "cn",
        dn: "EIWNCIEW",
        groupMemberCheck: "user-attr",
        groupObjectFilter: "(&(objectcategory=group)(member=*))",
        memberAttr: "memberOf",
        passwordExpiryWarning: "disable",
        passwordRenewal: "disable",
        port: 389,
        secure: "disable",
        server: "1.1.1.1",
        serverIdentityCheck: "disable",
        sourceIp: "0.0.0.0",
        sslMinProtoVersion: "default",
        type: "simple",
    });
    
    import pulumi
    import pulumiverse_fortios as fortios
    
    trname = fortios.user.Ldap("trname",
        account_key_filter="(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))",
        account_key_processing="same",
        cnid="cn",
        dn="EIWNCIEW",
        group_member_check="user-attr",
        group_object_filter="(&(objectcategory=group)(member=*))",
        member_attr="memberOf",
        password_expiry_warning="disable",
        password_renewal="disable",
        port=389,
        secure="disable",
        server="1.1.1.1",
        server_identity_check="disable",
        source_ip="0.0.0.0",
        ssl_min_proto_version="default",
        type="simple")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    	"github.com/pulumiverse/pulumi-fortios/sdk/go/fortios/user"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := user.NewLdap(ctx, "trname", &user.LdapArgs{
    			AccountKeyFilter:      pulumi.String("(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))"),
    			AccountKeyProcessing:  pulumi.String("same"),
    			Cnid:                  pulumi.String("cn"),
    			Dn:                    pulumi.String("EIWNCIEW"),
    			GroupMemberCheck:      pulumi.String("user-attr"),
    			GroupObjectFilter:     pulumi.String("(&(objectcategory=group)(member=*))"),
    			MemberAttr:            pulumi.String("memberOf"),
    			PasswordExpiryWarning: pulumi.String("disable"),
    			PasswordRenewal:       pulumi.String("disable"),
    			Port:                  pulumi.Int(389),
    			Secure:                pulumi.String("disable"),
    			Server:                pulumi.String("1.1.1.1"),
    			ServerIdentityCheck:   pulumi.String("disable"),
    			SourceIp:              pulumi.String("0.0.0.0"),
    			SslMinProtoVersion:    pulumi.String("default"),
    			Type:                  pulumi.String("simple"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Fortios = Pulumiverse.Fortios;
    
    return await Deployment.RunAsync(() => 
    {
        var trname = new Fortios.User.Ldap("trname", new()
        {
            AccountKeyFilter = "(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))",
            AccountKeyProcessing = "same",
            Cnid = "cn",
            Dn = "EIWNCIEW",
            GroupMemberCheck = "user-attr",
            GroupObjectFilter = "(&(objectcategory=group)(member=*))",
            MemberAttr = "memberOf",
            PasswordExpiryWarning = "disable",
            PasswordRenewal = "disable",
            Port = 389,
            Secure = "disable",
            Server = "1.1.1.1",
            ServerIdentityCheck = "disable",
            SourceIp = "0.0.0.0",
            SslMinProtoVersion = "default",
            Type = "simple",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.fortios.user.Ldap;
    import com.pulumi.fortios.user.LdapArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var trname = new Ldap("trname", LdapArgs.builder()
                .accountKeyFilter("(&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))")
                .accountKeyProcessing("same")
                .cnid("cn")
                .dn("EIWNCIEW")
                .groupMemberCheck("user-attr")
                .groupObjectFilter("(&(objectcategory=group)(member=*))")
                .memberAttr("memberOf")
                .passwordExpiryWarning("disable")
                .passwordRenewal("disable")
                .port(389)
                .secure("disable")
                .server("1.1.1.1")
                .serverIdentityCheck("disable")
                .sourceIp("0.0.0.0")
                .sslMinProtoVersion("default")
                .type("simple")
                .build());
    
        }
    }
    
    resources:
      trname:
        type: fortios:user:Ldap
        properties:
          accountKeyFilter: (&(userPrincipalName=%s)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))
          accountKeyProcessing: same
          cnid: cn
          dn: EIWNCIEW
          groupMemberCheck: user-attr
          groupObjectFilter: (&(objectcategory=group)(member=*))
          memberAttr: memberOf
          passwordExpiryWarning: disable
          passwordRenewal: disable
          port: 389
          secure: disable
          server: 1.1.1.1
          serverIdentityCheck: disable
          sourceIp: 0.0.0.0
          sslMinProtoVersion: default
          type: simple
    

    Create Ldap Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Ldap(name: string, args: LdapArgs, opts?: CustomResourceOptions);
    @overload
    def Ldap(resource_name: str,
             args: LdapArgs,
             opts: Optional[ResourceOptions] = None)
    
    @overload
    def Ldap(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             dn: Optional[str] = None,
             server: Optional[str] = None,
             password_attr: Optional[str] = None,
             two_factor_filter: Optional[str] = None,
             antiphish: Optional[str] = None,
             ca_cert: Optional[str] = None,
             client_cert: Optional[str] = None,
             client_cert_auth: Optional[str] = None,
             account_key_cert_field: Optional[str] = None,
             account_key_processing: Optional[str] = None,
             group_filter: Optional[str] = None,
             group_member_check: Optional[str] = None,
             group_object_filter: Optional[str] = None,
             group_search_base: Optional[str] = None,
             interface: Optional[str] = None,
             interface_select_method: Optional[str] = None,
             member_attr: Optional[str] = None,
             name: Optional[str] = None,
             obtain_user_info: Optional[str] = None,
             password_renewal: Optional[str] = None,
             cnid: Optional[str] = None,
             account_key_upn_san: Optional[str] = None,
             password: Optional[str] = None,
             port: Optional[int] = None,
             search_type: Optional[str] = None,
             secondary_server: Optional[str] = None,
             secure: Optional[str] = None,
             account_key_filter: Optional[str] = None,
             server_identity_check: Optional[str] = None,
             source_ip: Optional[str] = None,
             source_port: Optional[int] = None,
             ssl_min_proto_version: Optional[str] = None,
             status_ttl: Optional[int] = None,
             tertiary_server: Optional[str] = None,
             two_factor: Optional[str] = None,
             two_factor_authentication: Optional[str] = None,
             password_expiry_warning: Optional[str] = None,
             two_factor_notification: Optional[str] = None,
             type: Optional[str] = None,
             user_info_exchange_server: Optional[str] = None,
             username: Optional[str] = None,
             vdomparam: Optional[str] = None)
    func NewLdap(ctx *Context, name string, args LdapArgs, opts ...ResourceOption) (*Ldap, error)
    public Ldap(string name, LdapArgs args, CustomResourceOptions? opts = null)
    public Ldap(String name, LdapArgs args)
    public Ldap(String name, LdapArgs args, CustomResourceOptions options)
    
    type: fortios:user:Ldap
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args LdapArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args LdapArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args LdapArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args LdapArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args LdapArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var ldapResource = new Fortios.User.Ldap("ldapResource", new()
    {
        Dn = "string",
        Server = "string",
        PasswordAttr = "string",
        TwoFactorFilter = "string",
        Antiphish = "string",
        CaCert = "string",
        ClientCert = "string",
        ClientCertAuth = "string",
        AccountKeyCertField = "string",
        AccountKeyProcessing = "string",
        GroupFilter = "string",
        GroupMemberCheck = "string",
        GroupObjectFilter = "string",
        GroupSearchBase = "string",
        Interface = "string",
        InterfaceSelectMethod = "string",
        MemberAttr = "string",
        Name = "string",
        ObtainUserInfo = "string",
        PasswordRenewal = "string",
        Cnid = "string",
        AccountKeyUpnSan = "string",
        Password = "string",
        Port = 0,
        SearchType = "string",
        SecondaryServer = "string",
        Secure = "string",
        AccountKeyFilter = "string",
        ServerIdentityCheck = "string",
        SourceIp = "string",
        SourcePort = 0,
        SslMinProtoVersion = "string",
        StatusTtl = 0,
        TertiaryServer = "string",
        TwoFactor = "string",
        TwoFactorAuthentication = "string",
        PasswordExpiryWarning = "string",
        TwoFactorNotification = "string",
        Type = "string",
        UserInfoExchangeServer = "string",
        Username = "string",
        Vdomparam = "string",
    });
    
    example, err := user.NewLdap(ctx, "ldapResource", &user.LdapArgs{
    	Dn:                      pulumi.String("string"),
    	Server:                  pulumi.String("string"),
    	PasswordAttr:            pulumi.String("string"),
    	TwoFactorFilter:         pulumi.String("string"),
    	Antiphish:               pulumi.String("string"),
    	CaCert:                  pulumi.String("string"),
    	ClientCert:              pulumi.String("string"),
    	ClientCertAuth:          pulumi.String("string"),
    	AccountKeyCertField:     pulumi.String("string"),
    	AccountKeyProcessing:    pulumi.String("string"),
    	GroupFilter:             pulumi.String("string"),
    	GroupMemberCheck:        pulumi.String("string"),
    	GroupObjectFilter:       pulumi.String("string"),
    	GroupSearchBase:         pulumi.String("string"),
    	Interface:               pulumi.String("string"),
    	InterfaceSelectMethod:   pulumi.String("string"),
    	MemberAttr:              pulumi.String("string"),
    	Name:                    pulumi.String("string"),
    	ObtainUserInfo:          pulumi.String("string"),
    	PasswordRenewal:         pulumi.String("string"),
    	Cnid:                    pulumi.String("string"),
    	AccountKeyUpnSan:        pulumi.String("string"),
    	Password:                pulumi.String("string"),
    	Port:                    pulumi.Int(0),
    	SearchType:              pulumi.String("string"),
    	SecondaryServer:         pulumi.String("string"),
    	Secure:                  pulumi.String("string"),
    	AccountKeyFilter:        pulumi.String("string"),
    	ServerIdentityCheck:     pulumi.String("string"),
    	SourceIp:                pulumi.String("string"),
    	SourcePort:              pulumi.Int(0),
    	SslMinProtoVersion:      pulumi.String("string"),
    	StatusTtl:               pulumi.Int(0),
    	TertiaryServer:          pulumi.String("string"),
    	TwoFactor:               pulumi.String("string"),
    	TwoFactorAuthentication: pulumi.String("string"),
    	PasswordExpiryWarning:   pulumi.String("string"),
    	TwoFactorNotification:   pulumi.String("string"),
    	Type:                    pulumi.String("string"),
    	UserInfoExchangeServer:  pulumi.String("string"),
    	Username:                pulumi.String("string"),
    	Vdomparam:               pulumi.String("string"),
    })
    
    var ldapResource = new Ldap("ldapResource", LdapArgs.builder()
        .dn("string")
        .server("string")
        .passwordAttr("string")
        .twoFactorFilter("string")
        .antiphish("string")
        .caCert("string")
        .clientCert("string")
        .clientCertAuth("string")
        .accountKeyCertField("string")
        .accountKeyProcessing("string")
        .groupFilter("string")
        .groupMemberCheck("string")
        .groupObjectFilter("string")
        .groupSearchBase("string")
        .interface_("string")
        .interfaceSelectMethod("string")
        .memberAttr("string")
        .name("string")
        .obtainUserInfo("string")
        .passwordRenewal("string")
        .cnid("string")
        .accountKeyUpnSan("string")
        .password("string")
        .port(0)
        .searchType("string")
        .secondaryServer("string")
        .secure("string")
        .accountKeyFilter("string")
        .serverIdentityCheck("string")
        .sourceIp("string")
        .sourcePort(0)
        .sslMinProtoVersion("string")
        .statusTtl(0)
        .tertiaryServer("string")
        .twoFactor("string")
        .twoFactorAuthentication("string")
        .passwordExpiryWarning("string")
        .twoFactorNotification("string")
        .type("string")
        .userInfoExchangeServer("string")
        .username("string")
        .vdomparam("string")
        .build());
    
    ldap_resource = fortios.user.Ldap("ldapResource",
        dn="string",
        server="string",
        password_attr="string",
        two_factor_filter="string",
        antiphish="string",
        ca_cert="string",
        client_cert="string",
        client_cert_auth="string",
        account_key_cert_field="string",
        account_key_processing="string",
        group_filter="string",
        group_member_check="string",
        group_object_filter="string",
        group_search_base="string",
        interface="string",
        interface_select_method="string",
        member_attr="string",
        name="string",
        obtain_user_info="string",
        password_renewal="string",
        cnid="string",
        account_key_upn_san="string",
        password="string",
        port=0,
        search_type="string",
        secondary_server="string",
        secure="string",
        account_key_filter="string",
        server_identity_check="string",
        source_ip="string",
        source_port=0,
        ssl_min_proto_version="string",
        status_ttl=0,
        tertiary_server="string",
        two_factor="string",
        two_factor_authentication="string",
        password_expiry_warning="string",
        two_factor_notification="string",
        type="string",
        user_info_exchange_server="string",
        username="string",
        vdomparam="string")
    
    const ldapResource = new fortios.user.Ldap("ldapResource", {
        dn: "string",
        server: "string",
        passwordAttr: "string",
        twoFactorFilter: "string",
        antiphish: "string",
        caCert: "string",
        clientCert: "string",
        clientCertAuth: "string",
        accountKeyCertField: "string",
        accountKeyProcessing: "string",
        groupFilter: "string",
        groupMemberCheck: "string",
        groupObjectFilter: "string",
        groupSearchBase: "string",
        "interface": "string",
        interfaceSelectMethod: "string",
        memberAttr: "string",
        name: "string",
        obtainUserInfo: "string",
        passwordRenewal: "string",
        cnid: "string",
        accountKeyUpnSan: "string",
        password: "string",
        port: 0,
        searchType: "string",
        secondaryServer: "string",
        secure: "string",
        accountKeyFilter: "string",
        serverIdentityCheck: "string",
        sourceIp: "string",
        sourcePort: 0,
        sslMinProtoVersion: "string",
        statusTtl: 0,
        tertiaryServer: "string",
        twoFactor: "string",
        twoFactorAuthentication: "string",
        passwordExpiryWarning: "string",
        twoFactorNotification: "string",
        type: "string",
        userInfoExchangeServer: "string",
        username: "string",
        vdomparam: "string",
    });
    
    type: fortios:user:Ldap
    properties:
        accountKeyCertField: string
        accountKeyFilter: string
        accountKeyProcessing: string
        accountKeyUpnSan: string
        antiphish: string
        caCert: string
        clientCert: string
        clientCertAuth: string
        cnid: string
        dn: string
        groupFilter: string
        groupMemberCheck: string
        groupObjectFilter: string
        groupSearchBase: string
        interface: string
        interfaceSelectMethod: string
        memberAttr: string
        name: string
        obtainUserInfo: string
        password: string
        passwordAttr: string
        passwordExpiryWarning: string
        passwordRenewal: string
        port: 0
        searchType: string
        secondaryServer: string
        secure: string
        server: string
        serverIdentityCheck: string
        sourceIp: string
        sourcePort: 0
        sslMinProtoVersion: string
        statusTtl: 0
        tertiaryServer: string
        twoFactor: string
        twoFactorAuthentication: string
        twoFactorFilter: string
        twoFactorNotification: string
        type: string
        userInfoExchangeServer: string
        username: string
        vdomparam: string
    

    Ldap Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Ldap resource accepts the following input properties:

    Dn string
    Distinguished name used to look up entries on the LDAP server.
    Server string
    LDAP server CN domain name or IP.
    AccountKeyCertField string
    Define subject identity field in certificate for user access right checking.
    AccountKeyFilter string
    Account key filter, using the UPN as the search filter.
    AccountKeyProcessing string
    Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
    AccountKeyUpnSan string
    Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
    Antiphish string
    Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
    CaCert string
    CA certificate name.
    ClientCert string
    Client certificate name.
    ClientCertAuth string
    Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
    Cnid string
    Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
    GroupFilter string
    Filter used for group matching.
    GroupMemberCheck string
    Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
    GroupObjectFilter string
    Filter used for group searching.
    GroupSearchBase string
    Search base used for group searching.
    Interface string
    Specify outgoing interface to reach server.
    InterfaceSelectMethod string
    Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
    MemberAttr string
    Name of attribute from which to get group membership.
    Name string
    LDAP server entry name.
    ObtainUserInfo string
    Enable/disable obtaining of user information. Valid values: enable, disable.
    Password string
    Password for initial binding.
    PasswordAttr string
    Name of attribute to get password hash.
    PasswordExpiryWarning string
    Enable/disable password expiry warnings. Valid values: enable, disable.
    PasswordRenewal string
    Enable/disable online password renewal. Valid values: enable, disable.
    Port int
    Port to be used for communication with the LDAP server (default = 389).
    SearchType string
    Search type. Valid values: recursive.
    SecondaryServer string
    Secondary LDAP server CN domain name or IP.
    Secure string
    Port to be used for authentication. Valid values: disable, starttls, ldaps.
    ServerIdentityCheck string
    Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
    SourceIp string
    Source IP for communications to LDAP server.
    SourcePort int
    Source port to be used for communication with the LDAP server.
    SslMinProtoVersion string
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    StatusTtl int
    Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
    TertiaryServer string
    Tertiary LDAP server CN domain name or IP.
    TwoFactor string
    Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
    TwoFactorAuthentication string
    Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
    TwoFactorFilter string
    Filter used to synchronize users to FortiToken Cloud.
    TwoFactorNotification string
    Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
    Type string
    Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
    UserInfoExchangeServer string
    MS Exchange server from which to fetch user information.
    Username string
    Username (full DN) for initial binding.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    Dn string
    Distinguished name used to look up entries on the LDAP server.
    Server string
    LDAP server CN domain name or IP.
    AccountKeyCertField string
    Define subject identity field in certificate for user access right checking.
    AccountKeyFilter string
    Account key filter, using the UPN as the search filter.
    AccountKeyProcessing string
    Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
    AccountKeyUpnSan string
    Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
    Antiphish string
    Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
    CaCert string
    CA certificate name.
    ClientCert string
    Client certificate name.
    ClientCertAuth string
    Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
    Cnid string
    Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
    GroupFilter string
    Filter used for group matching.
    GroupMemberCheck string
    Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
    GroupObjectFilter string
    Filter used for group searching.
    GroupSearchBase string
    Search base used for group searching.
    Interface string
    Specify outgoing interface to reach server.
    InterfaceSelectMethod string
    Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
    MemberAttr string
    Name of attribute from which to get group membership.
    Name string
    LDAP server entry name.
    ObtainUserInfo string
    Enable/disable obtaining of user information. Valid values: enable, disable.
    Password string
    Password for initial binding.
    PasswordAttr string
    Name of attribute to get password hash.
    PasswordExpiryWarning string
    Enable/disable password expiry warnings. Valid values: enable, disable.
    PasswordRenewal string
    Enable/disable online password renewal. Valid values: enable, disable.
    Port int
    Port to be used for communication with the LDAP server (default = 389).
    SearchType string
    Search type. Valid values: recursive.
    SecondaryServer string
    Secondary LDAP server CN domain name or IP.
    Secure string
    Port to be used for authentication. Valid values: disable, starttls, ldaps.
    ServerIdentityCheck string
    Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
    SourceIp string
    Source IP for communications to LDAP server.
    SourcePort int
    Source port to be used for communication with the LDAP server.
    SslMinProtoVersion string
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    StatusTtl int
    Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
    TertiaryServer string
    Tertiary LDAP server CN domain name or IP.
    TwoFactor string
    Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
    TwoFactorAuthentication string
    Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
    TwoFactorFilter string
    Filter used to synchronize users to FortiToken Cloud.
    TwoFactorNotification string
    Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
    Type string
    Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
    UserInfoExchangeServer string
    MS Exchange server from which to fetch user information.
    Username string
    Username (full DN) for initial binding.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    dn String
    Distinguished name used to look up entries on the LDAP server.
    server String
    LDAP server CN domain name or IP.
    accountKeyCertField String
    Define subject identity field in certificate for user access right checking.
    accountKeyFilter String
    Account key filter, using the UPN as the search filter.
    accountKeyProcessing String
    Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
    accountKeyUpnSan String
    Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
    antiphish String
    Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
    caCert String
    CA certificate name.
    clientCert String
    Client certificate name.
    clientCertAuth String
    Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
    cnid String
    Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
    groupFilter String
    Filter used for group matching.
    groupMemberCheck String
    Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
    groupObjectFilter String
    Filter used for group searching.
    groupSearchBase String
    Search base used for group searching.
    interfaceSelectMethod String
    Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
    interface_ String
    Specify outgoing interface to reach server.
    memberAttr String
    Name of attribute from which to get group membership.
    name String
    LDAP server entry name.
    obtainUserInfo String
    Enable/disable obtaining of user information. Valid values: enable, disable.
    password String
    Password for initial binding.
    passwordAttr String
    Name of attribute to get password hash.
    passwordExpiryWarning String
    Enable/disable password expiry warnings. Valid values: enable, disable.
    passwordRenewal String
    Enable/disable online password renewal. Valid values: enable, disable.
    port Integer
    Port to be used for communication with the LDAP server (default = 389).
    searchType String
    Search type. Valid values: recursive.
    secondaryServer String
    Secondary LDAP server CN domain name or IP.
    secure String
    Port to be used for authentication. Valid values: disable, starttls, ldaps.
    serverIdentityCheck String
    Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
    sourceIp String
    Source IP for communications to LDAP server.
    sourcePort Integer
    Source port to be used for communication with the LDAP server.
    sslMinProtoVersion String
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    statusTtl Integer
    Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
    tertiaryServer String
    Tertiary LDAP server CN domain name or IP.
    twoFactor String
    Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
    twoFactorAuthentication String
    Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
    twoFactorFilter String
    Filter used to synchronize users to FortiToken Cloud.
    twoFactorNotification String
    Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
    type String
    Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
    userInfoExchangeServer String
    MS Exchange server from which to fetch user information.
    username String
    Username (full DN) for initial binding.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    dn string
    Distinguished name used to look up entries on the LDAP server.
    server string
    LDAP server CN domain name or IP.
    accountKeyCertField string
    Define subject identity field in certificate for user access right checking.
    accountKeyFilter string
    Account key filter, using the UPN as the search filter.
    accountKeyProcessing string
    Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
    accountKeyUpnSan string
    Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
    antiphish string
    Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
    caCert string
    CA certificate name.
    clientCert string
    Client certificate name.
    clientCertAuth string
    Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
    cnid string
    Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
    groupFilter string
    Filter used for group matching.
    groupMemberCheck string
    Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
    groupObjectFilter string
    Filter used for group searching.
    groupSearchBase string
    Search base used for group searching.
    interface string
    Specify outgoing interface to reach server.
    interfaceSelectMethod string
    Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
    memberAttr string
    Name of attribute from which to get group membership.
    name string
    LDAP server entry name.
    obtainUserInfo string
    Enable/disable obtaining of user information. Valid values: enable, disable.
    password string
    Password for initial binding.
    passwordAttr string
    Name of attribute to get password hash.
    passwordExpiryWarning string
    Enable/disable password expiry warnings. Valid values: enable, disable.
    passwordRenewal string
    Enable/disable online password renewal. Valid values: enable, disable.
    port number
    Port to be used for communication with the LDAP server (default = 389).
    searchType string
    Search type. Valid values: recursive.
    secondaryServer string
    Secondary LDAP server CN domain name or IP.
    secure string
    Port to be used for authentication. Valid values: disable, starttls, ldaps.
    serverIdentityCheck string
    Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
    sourceIp string
    Source IP for communications to LDAP server.
    sourcePort number
    Source port to be used for communication with the LDAP server.
    sslMinProtoVersion string
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    statusTtl number
    Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
    tertiaryServer string
    Tertiary LDAP server CN domain name or IP.
    twoFactor string
    Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
    twoFactorAuthentication string
    Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
    twoFactorFilter string
    Filter used to synchronize users to FortiToken Cloud.
    twoFactorNotification string
    Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
    type string
    Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
    userInfoExchangeServer string
    MS Exchange server from which to fetch user information.
    username string
    Username (full DN) for initial binding.
    vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    dn str
    Distinguished name used to look up entries on the LDAP server.
    server str
    LDAP server CN domain name or IP.
    account_key_cert_field str
    Define subject identity field in certificate for user access right checking.
    account_key_filter str
    Account key filter, using the UPN as the search filter.
    account_key_processing str
    Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
    account_key_upn_san str
    Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
    antiphish str
    Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
    ca_cert str
    CA certificate name.
    client_cert str
    Client certificate name.
    client_cert_auth str
    Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
    cnid str
    Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
    group_filter str
    Filter used for group matching.
    group_member_check str
    Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
    group_object_filter str
    Filter used for group searching.
    group_search_base str
    Search base used for group searching.
    interface str
    Specify outgoing interface to reach server.
    interface_select_method str
    Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
    member_attr str
    Name of attribute from which to get group membership.
    name str
    LDAP server entry name.
    obtain_user_info str
    Enable/disable obtaining of user information. Valid values: enable, disable.
    password str
    Password for initial binding.
    password_attr str
    Name of attribute to get password hash.
    password_expiry_warning str
    Enable/disable password expiry warnings. Valid values: enable, disable.
    password_renewal str
    Enable/disable online password renewal. Valid values: enable, disable.
    port int
    Port to be used for communication with the LDAP server (default = 389).
    search_type str
    Search type. Valid values: recursive.
    secondary_server str
    Secondary LDAP server CN domain name or IP.
    secure str
    Port to be used for authentication. Valid values: disable, starttls, ldaps.
    server_identity_check str
    Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
    source_ip str
    Source IP for communications to LDAP server.
    source_port int
    Source port to be used for communication with the LDAP server.
    ssl_min_proto_version str
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    status_ttl int
    Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
    tertiary_server str
    Tertiary LDAP server CN domain name or IP.
    two_factor str
    Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
    two_factor_authentication str
    Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
    two_factor_filter str
    Filter used to synchronize users to FortiToken Cloud.
    two_factor_notification str
    Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
    type str
    Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
    user_info_exchange_server str
    MS Exchange server from which to fetch user information.
    username str
    Username (full DN) for initial binding.
    vdomparam str
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    dn String
    Distinguished name used to look up entries on the LDAP server.
    server String
    LDAP server CN domain name or IP.
    accountKeyCertField String
    Define subject identity field in certificate for user access right checking.
    accountKeyFilter String
    Account key filter, using the UPN as the search filter.
    accountKeyProcessing String
    Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
    accountKeyUpnSan String
    Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
    antiphish String
    Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
    caCert String
    CA certificate name.
    clientCert String
    Client certificate name.
    clientCertAuth String
    Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
    cnid String
    Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
    groupFilter String
    Filter used for group matching.
    groupMemberCheck String
    Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
    groupObjectFilter String
    Filter used for group searching.
    groupSearchBase String
    Search base used for group searching.
    interface String
    Specify outgoing interface to reach server.
    interfaceSelectMethod String
    Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
    memberAttr String
    Name of attribute from which to get group membership.
    name String
    LDAP server entry name.
    obtainUserInfo String
    Enable/disable obtaining of user information. Valid values: enable, disable.
    password String
    Password for initial binding.
    passwordAttr String
    Name of attribute to get password hash.
    passwordExpiryWarning String
    Enable/disable password expiry warnings. Valid values: enable, disable.
    passwordRenewal String
    Enable/disable online password renewal. Valid values: enable, disable.
    port Number
    Port to be used for communication with the LDAP server (default = 389).
    searchType String
    Search type. Valid values: recursive.
    secondaryServer String
    Secondary LDAP server CN domain name or IP.
    secure String
    Port to be used for authentication. Valid values: disable, starttls, ldaps.
    serverIdentityCheck String
    Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
    sourceIp String
    Source IP for communications to LDAP server.
    sourcePort Number
    Source port to be used for communication with the LDAP server.
    sslMinProtoVersion String
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    statusTtl Number
    Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
    tertiaryServer String
    Tertiary LDAP server CN domain name or IP.
    twoFactor String
    Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
    twoFactorAuthentication String
    Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
    twoFactorFilter String
    Filter used to synchronize users to FortiToken Cloud.
    twoFactorNotification String
    Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
    type String
    Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
    userInfoExchangeServer String
    MS Exchange server from which to fetch user information.
    username String
    Username (full DN) for initial binding.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Ldap resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing Ldap Resource

    Get an existing Ldap resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: LdapState, opts?: CustomResourceOptions): Ldap
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            account_key_cert_field: Optional[str] = None,
            account_key_filter: Optional[str] = None,
            account_key_processing: Optional[str] = None,
            account_key_upn_san: Optional[str] = None,
            antiphish: Optional[str] = None,
            ca_cert: Optional[str] = None,
            client_cert: Optional[str] = None,
            client_cert_auth: Optional[str] = None,
            cnid: Optional[str] = None,
            dn: Optional[str] = None,
            group_filter: Optional[str] = None,
            group_member_check: Optional[str] = None,
            group_object_filter: Optional[str] = None,
            group_search_base: Optional[str] = None,
            interface: Optional[str] = None,
            interface_select_method: Optional[str] = None,
            member_attr: Optional[str] = None,
            name: Optional[str] = None,
            obtain_user_info: Optional[str] = None,
            password: Optional[str] = None,
            password_attr: Optional[str] = None,
            password_expiry_warning: Optional[str] = None,
            password_renewal: Optional[str] = None,
            port: Optional[int] = None,
            search_type: Optional[str] = None,
            secondary_server: Optional[str] = None,
            secure: Optional[str] = None,
            server: Optional[str] = None,
            server_identity_check: Optional[str] = None,
            source_ip: Optional[str] = None,
            source_port: Optional[int] = None,
            ssl_min_proto_version: Optional[str] = None,
            status_ttl: Optional[int] = None,
            tertiary_server: Optional[str] = None,
            two_factor: Optional[str] = None,
            two_factor_authentication: Optional[str] = None,
            two_factor_filter: Optional[str] = None,
            two_factor_notification: Optional[str] = None,
            type: Optional[str] = None,
            user_info_exchange_server: Optional[str] = None,
            username: Optional[str] = None,
            vdomparam: Optional[str] = None) -> Ldap
    func GetLdap(ctx *Context, name string, id IDInput, state *LdapState, opts ...ResourceOption) (*Ldap, error)
    public static Ldap Get(string name, Input<string> id, LdapState? state, CustomResourceOptions? opts = null)
    public static Ldap get(String name, Output<String> id, LdapState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AccountKeyCertField string
    Define subject identity field in certificate for user access right checking.
    AccountKeyFilter string
    Account key filter, using the UPN as the search filter.
    AccountKeyProcessing string
    Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
    AccountKeyUpnSan string
    Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
    Antiphish string
    Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
    CaCert string
    CA certificate name.
    ClientCert string
    Client certificate name.
    ClientCertAuth string
    Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
    Cnid string
    Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
    Dn string
    Distinguished name used to look up entries on the LDAP server.
    GroupFilter string
    Filter used for group matching.
    GroupMemberCheck string
    Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
    GroupObjectFilter string
    Filter used for group searching.
    GroupSearchBase string
    Search base used for group searching.
    Interface string
    Specify outgoing interface to reach server.
    InterfaceSelectMethod string
    Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
    MemberAttr string
    Name of attribute from which to get group membership.
    Name string
    LDAP server entry name.
    ObtainUserInfo string
    Enable/disable obtaining of user information. Valid values: enable, disable.
    Password string
    Password for initial binding.
    PasswordAttr string
    Name of attribute to get password hash.
    PasswordExpiryWarning string
    Enable/disable password expiry warnings. Valid values: enable, disable.
    PasswordRenewal string
    Enable/disable online password renewal. Valid values: enable, disable.
    Port int
    Port to be used for communication with the LDAP server (default = 389).
    SearchType string
    Search type. Valid values: recursive.
    SecondaryServer string
    Secondary LDAP server CN domain name or IP.
    Secure string
    Port to be used for authentication. Valid values: disable, starttls, ldaps.
    Server string
    LDAP server CN domain name or IP.
    ServerIdentityCheck string
    Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
    SourceIp string
    Source IP for communications to LDAP server.
    SourcePort int
    Source port to be used for communication with the LDAP server.
    SslMinProtoVersion string
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    StatusTtl int
    Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
    TertiaryServer string
    Tertiary LDAP server CN domain name or IP.
    TwoFactor string
    Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
    TwoFactorAuthentication string
    Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
    TwoFactorFilter string
    Filter used to synchronize users to FortiToken Cloud.
    TwoFactorNotification string
    Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
    Type string
    Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
    UserInfoExchangeServer string
    MS Exchange server from which to fetch user information.
    Username string
    Username (full DN) for initial binding.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    AccountKeyCertField string
    Define subject identity field in certificate for user access right checking.
    AccountKeyFilter string
    Account key filter, using the UPN as the search filter.
    AccountKeyProcessing string
    Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
    AccountKeyUpnSan string
    Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
    Antiphish string
    Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
    CaCert string
    CA certificate name.
    ClientCert string
    Client certificate name.
    ClientCertAuth string
    Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
    Cnid string
    Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
    Dn string
    Distinguished name used to look up entries on the LDAP server.
    GroupFilter string
    Filter used for group matching.
    GroupMemberCheck string
    Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
    GroupObjectFilter string
    Filter used for group searching.
    GroupSearchBase string
    Search base used for group searching.
    Interface string
    Specify outgoing interface to reach server.
    InterfaceSelectMethod string
    Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
    MemberAttr string
    Name of attribute from which to get group membership.
    Name string
    LDAP server entry name.
    ObtainUserInfo string
    Enable/disable obtaining of user information. Valid values: enable, disable.
    Password string
    Password for initial binding.
    PasswordAttr string
    Name of attribute to get password hash.
    PasswordExpiryWarning string
    Enable/disable password expiry warnings. Valid values: enable, disable.
    PasswordRenewal string
    Enable/disable online password renewal. Valid values: enable, disable.
    Port int
    Port to be used for communication with the LDAP server (default = 389).
    SearchType string
    Search type. Valid values: recursive.
    SecondaryServer string
    Secondary LDAP server CN domain name or IP.
    Secure string
    Port to be used for authentication. Valid values: disable, starttls, ldaps.
    Server string
    LDAP server CN domain name or IP.
    ServerIdentityCheck string
    Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
    SourceIp string
    Source IP for communications to LDAP server.
    SourcePort int
    Source port to be used for communication with the LDAP server.
    SslMinProtoVersion string
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    StatusTtl int
    Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
    TertiaryServer string
    Tertiary LDAP server CN domain name or IP.
    TwoFactor string
    Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
    TwoFactorAuthentication string
    Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
    TwoFactorFilter string
    Filter used to synchronize users to FortiToken Cloud.
    TwoFactorNotification string
    Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
    Type string
    Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
    UserInfoExchangeServer string
    MS Exchange server from which to fetch user information.
    Username string
    Username (full DN) for initial binding.
    Vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    accountKeyCertField String
    Define subject identity field in certificate for user access right checking.
    accountKeyFilter String
    Account key filter, using the UPN as the search filter.
    accountKeyProcessing String
    Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
    accountKeyUpnSan String
    Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
    antiphish String
    Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
    caCert String
    CA certificate name.
    clientCert String
    Client certificate name.
    clientCertAuth String
    Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
    cnid String
    Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
    dn String
    Distinguished name used to look up entries on the LDAP server.
    groupFilter String
    Filter used for group matching.
    groupMemberCheck String
    Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
    groupObjectFilter String
    Filter used for group searching.
    groupSearchBase String
    Search base used for group searching.
    interfaceSelectMethod String
    Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
    interface_ String
    Specify outgoing interface to reach server.
    memberAttr String
    Name of attribute from which to get group membership.
    name String
    LDAP server entry name.
    obtainUserInfo String
    Enable/disable obtaining of user information. Valid values: enable, disable.
    password String
    Password for initial binding.
    passwordAttr String
    Name of attribute to get password hash.
    passwordExpiryWarning String
    Enable/disable password expiry warnings. Valid values: enable, disable.
    passwordRenewal String
    Enable/disable online password renewal. Valid values: enable, disable.
    port Integer
    Port to be used for communication with the LDAP server (default = 389).
    searchType String
    Search type. Valid values: recursive.
    secondaryServer String
    Secondary LDAP server CN domain name or IP.
    secure String
    Port to be used for authentication. Valid values: disable, starttls, ldaps.
    server String
    LDAP server CN domain name or IP.
    serverIdentityCheck String
    Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
    sourceIp String
    Source IP for communications to LDAP server.
    sourcePort Integer
    Source port to be used for communication with the LDAP server.
    sslMinProtoVersion String
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    statusTtl Integer
    Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
    tertiaryServer String
    Tertiary LDAP server CN domain name or IP.
    twoFactor String
    Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
    twoFactorAuthentication String
    Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
    twoFactorFilter String
    Filter used to synchronize users to FortiToken Cloud.
    twoFactorNotification String
    Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
    type String
    Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
    userInfoExchangeServer String
    MS Exchange server from which to fetch user information.
    username String
    Username (full DN) for initial binding.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    accountKeyCertField string
    Define subject identity field in certificate for user access right checking.
    accountKeyFilter string
    Account key filter, using the UPN as the search filter.
    accountKeyProcessing string
    Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
    accountKeyUpnSan string
    Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
    antiphish string
    Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
    caCert string
    CA certificate name.
    clientCert string
    Client certificate name.
    clientCertAuth string
    Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
    cnid string
    Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
    dn string
    Distinguished name used to look up entries on the LDAP server.
    groupFilter string
    Filter used for group matching.
    groupMemberCheck string
    Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
    groupObjectFilter string
    Filter used for group searching.
    groupSearchBase string
    Search base used for group searching.
    interface string
    Specify outgoing interface to reach server.
    interfaceSelectMethod string
    Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
    memberAttr string
    Name of attribute from which to get group membership.
    name string
    LDAP server entry name.
    obtainUserInfo string
    Enable/disable obtaining of user information. Valid values: enable, disable.
    password string
    Password for initial binding.
    passwordAttr string
    Name of attribute to get password hash.
    passwordExpiryWarning string
    Enable/disable password expiry warnings. Valid values: enable, disable.
    passwordRenewal string
    Enable/disable online password renewal. Valid values: enable, disable.
    port number
    Port to be used for communication with the LDAP server (default = 389).
    searchType string
    Search type. Valid values: recursive.
    secondaryServer string
    Secondary LDAP server CN domain name or IP.
    secure string
    Port to be used for authentication. Valid values: disable, starttls, ldaps.
    server string
    LDAP server CN domain name or IP.
    serverIdentityCheck string
    Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
    sourceIp string
    Source IP for communications to LDAP server.
    sourcePort number
    Source port to be used for communication with the LDAP server.
    sslMinProtoVersion string
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    statusTtl number
    Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
    tertiaryServer string
    Tertiary LDAP server CN domain name or IP.
    twoFactor string
    Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
    twoFactorAuthentication string
    Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
    twoFactorFilter string
    Filter used to synchronize users to FortiToken Cloud.
    twoFactorNotification string
    Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
    type string
    Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
    userInfoExchangeServer string
    MS Exchange server from which to fetch user information.
    username string
    Username (full DN) for initial binding.
    vdomparam string
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    account_key_cert_field str
    Define subject identity field in certificate for user access right checking.
    account_key_filter str
    Account key filter, using the UPN as the search filter.
    account_key_processing str
    Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
    account_key_upn_san str
    Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
    antiphish str
    Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
    ca_cert str
    CA certificate name.
    client_cert str
    Client certificate name.
    client_cert_auth str
    Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
    cnid str
    Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
    dn str
    Distinguished name used to look up entries on the LDAP server.
    group_filter str
    Filter used for group matching.
    group_member_check str
    Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
    group_object_filter str
    Filter used for group searching.
    group_search_base str
    Search base used for group searching.
    interface str
    Specify outgoing interface to reach server.
    interface_select_method str
    Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
    member_attr str
    Name of attribute from which to get group membership.
    name str
    LDAP server entry name.
    obtain_user_info str
    Enable/disable obtaining of user information. Valid values: enable, disable.
    password str
    Password for initial binding.
    password_attr str
    Name of attribute to get password hash.
    password_expiry_warning str
    Enable/disable password expiry warnings. Valid values: enable, disable.
    password_renewal str
    Enable/disable online password renewal. Valid values: enable, disable.
    port int
    Port to be used for communication with the LDAP server (default = 389).
    search_type str
    Search type. Valid values: recursive.
    secondary_server str
    Secondary LDAP server CN domain name or IP.
    secure str
    Port to be used for authentication. Valid values: disable, starttls, ldaps.
    server str
    LDAP server CN domain name or IP.
    server_identity_check str
    Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
    source_ip str
    Source IP for communications to LDAP server.
    source_port int
    Source port to be used for communication with the LDAP server.
    ssl_min_proto_version str
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    status_ttl int
    Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
    tertiary_server str
    Tertiary LDAP server CN domain name or IP.
    two_factor str
    Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
    two_factor_authentication str
    Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
    two_factor_filter str
    Filter used to synchronize users to FortiToken Cloud.
    two_factor_notification str
    Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
    type str
    Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
    user_info_exchange_server str
    MS Exchange server from which to fetch user information.
    username str
    Username (full DN) for initial binding.
    vdomparam str
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.
    accountKeyCertField String
    Define subject identity field in certificate for user access right checking.
    accountKeyFilter String
    Account key filter, using the UPN as the search filter.
    accountKeyProcessing String
    Account key processing operation, either keep or strip domain string of UPN in the token. Valid values: same, strip.
    accountKeyUpnSan String
    Define SAN in certificate for user principle name matching. Valid values: othername, rfc822name, dnsname.
    antiphish String
    Enable/disable AntiPhishing credential backend. Valid values: enable, disable.
    caCert String
    CA certificate name.
    clientCert String
    Client certificate name.
    clientCertAuth String
    Enable/disable using client certificate for TLS authentication. Valid values: enable, disable.
    cnid String
    Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
    dn String
    Distinguished name used to look up entries on the LDAP server.
    groupFilter String
    Filter used for group matching.
    groupMemberCheck String
    Group member checking methods. Valid values: user-attr, group-object, posix-group-object.
    groupObjectFilter String
    Filter used for group searching.
    groupSearchBase String
    Search base used for group searching.
    interface String
    Specify outgoing interface to reach server.
    interfaceSelectMethod String
    Specify how to select outgoing interface to reach server. Valid values: auto, sdwan, specify.
    memberAttr String
    Name of attribute from which to get group membership.
    name String
    LDAP server entry name.
    obtainUserInfo String
    Enable/disable obtaining of user information. Valid values: enable, disable.
    password String
    Password for initial binding.
    passwordAttr String
    Name of attribute to get password hash.
    passwordExpiryWarning String
    Enable/disable password expiry warnings. Valid values: enable, disable.
    passwordRenewal String
    Enable/disable online password renewal. Valid values: enable, disable.
    port Number
    Port to be used for communication with the LDAP server (default = 389).
    searchType String
    Search type. Valid values: recursive.
    secondaryServer String
    Secondary LDAP server CN domain name or IP.
    secure String
    Port to be used for authentication. Valid values: disable, starttls, ldaps.
    server String
    LDAP server CN domain name or IP.
    serverIdentityCheck String
    Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values: enable, disable.
    sourceIp String
    Source IP for communications to LDAP server.
    sourcePort Number
    Source port to be used for communication with the LDAP server.
    sslMinProtoVersion String
    Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting).
    statusTtl Number
    Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
    tertiaryServer String
    Tertiary LDAP server CN domain name or IP.
    twoFactor String
    Enable/disable two-factor authentication. Valid values: disable, fortitoken-cloud.
    twoFactorAuthentication String
    Authentication method by FortiToken Cloud. Valid values: fortitoken, email, sms.
    twoFactorFilter String
    Filter used to synchronize users to FortiToken Cloud.
    twoFactorNotification String
    Notification method for user activation by FortiToken Cloud. Valid values: email, sms.
    type String
    Authentication type for LDAP searches. Valid values: simple, anonymous, regular.
    userInfoExchangeServer String
    MS Exchange server from which to fetch user information.
    username String
    Username (full DN) for initial binding.
    vdomparam String
    Specifies the vdom to which the resource will be applied when the FortiGate unit is running in VDOM mode. Only one vdom can be specified. If you want to inherit the vdom configuration of the provider, please do not set this parameter.

    Import

    User Ldap can be imported using any of these accepted formats:

    $ pulumi import fortios:user/ldap:Ldap labelname {{name}}
    

    If you do not want to import arguments of block:

    $ export “FORTIOS_IMPORT_TABLE”=“false”

    $ pulumi import fortios:user/ldap:Ldap labelname {{name}}
    

    $ unset “FORTIOS_IMPORT_TABLE”

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    fortios pulumiverse/pulumi-fortios
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the fortios Terraform Provider.
    fortios logo
    Fortios v0.0.6 published on Tuesday, Jul 9, 2024 by pulumiverse