vCenter identity providers: Active Directory over LDAP

The active_directory_over_ldap structure contains the information needed to use an Active Directory over LDAP connection for searching users and groups when the identity provider is an on-prem service. This structure was added in vSphere API 7.0.0.

Representation:

{
    "groups_base_dn": "string",
    "password": "secret string",
    "user_name": "string",
    "users_base_dn": "string",
    "server_endpoints": [
        "http://myurl.com",
        "http://myurl.com"
    ],
    "cert_chain": {
        "cert_chain": [
            "string",
            "string"
        ]
    }
}

Attributes:

Name Type Description
Required
user_name string User name to connect to the active directory server. This attribute was added in vSphere API 7.0.0.

password secret Password to connect to the active directory server. This attribute was added in vSphere API 7.0.0.

users_base_dn string Base distinguished name for users. This attribute was added in vSphere API 7.0.0.

groups_base_dn string Base distinguished name for groups. This attribute was added in vSphere API 7.0.0.

server_endpoints URI[] Active directory server endpoints. At least one active directory server endpoint must be set. This attribute was added in vSphere API 7.0.0.

cert_chain.cert_chain string[] Certificate chain in base64 format. This attribute was added in vSphere API 6.7.2.

Optional
cert_chain x509_cert_chain SSL certificate chain in base64 encoding. This attribute was added in vSphere API 7.0.0. Optional: this field can be unset only if all the active directory server endpoints use the LDAP (not LDAPS) protocol.
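The attribute rules above (required fields, at least one endpoint, cert_chain unset only when every endpoint is LDAP) can be checked before a structure is submitted. The following is an added example, not VMware code: check_ad_over_ldap and redact are hypothetical helper names, the sample values are constructed, and it assumes each endpoint's protocol is given by its URI scheme (ldap:// or ldaps://).

```python
from urllib.parse import urlparse

REQUIRED = ("user_name", "password", "users_base_dn",
            "groups_base_dn", "server_endpoints")


def check_ad_over_ldap(spec):
    """Return a list of findings for one active_directory_over_ldap dict."""
    findings = []
    for name in REQUIRED:
        if not spec.get(name):
            findings.append(f"missing required attribute: {name}")
    endpoints = spec.get("server_endpoints") or []
    # Assumption: the protocol is expressed by the URI scheme of each endpoint.
    schemes = [urlparse(url).scheme.lower() for url in endpoints]
    for url, scheme in zip(endpoints, schemes):
        if scheme == "ldap":
            findings.append(f"endpoint uses LDAP, not LDAPS: {url}")
        elif scheme != "ldaps":
            findings.append(f"unexpected endpoint scheme: {url}")
    # cert_chain may be unset only if every endpoint uses LDAP (not LDAPS).
    chain = (spec.get("cert_chain") or {}).get("cert_chain") or []
    if "ldaps" in schemes and not chain:
        findings.append("cert_chain is unset but an endpoint uses LDAPS")
    return findings


def redact(spec):
    """Return a copy that is safe to log: the secret password is masked."""
    return {**spec, "password": "***"} if "password" in spec else dict(spec)


# Constructed sample values, not taken from any real environment.
GOOD = {
    "user_name": "CN=svc-vcenter,OU=Service,DC=example,DC=test",
    "password": "constructed-secret",
    "users_base_dn": "OU=Users,DC=example,DC=test",
    "groups_base_dn": "OU=Groups,DC=example,DC=test",
    "server_endpoints": ["ldaps://dc1.example.test:636"],
    "cert_chain": {"cert_chain": ["<base64 certificate placeholder>"]},
}
# Same structure with a plain-LDAP endpoint added and the chain removed.
MIXED = dict(GOOD, cert_chain=None, server_endpoints=[
    "ldaps://dc1.example.test:636", "ldap://dc2.example.test:389"])

if __name__ == "__main__":
    print(redact(MIXED))
    print(check_ad_over_ldap(MIXED))
```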