Management::CCLDAPConfiguration¶
Introduced : BIG-IP_v9.0
The CCLDAPConfiguration interface enables you to manage SSL Client
Certificate LDAP PAM configuration.
Methods¶
| Method | Description | Introduced |
| add_server | Adds/associates servers to the specified Client Certificate LDAP configurations. | BIG-IP_v9.0 |
| add_valid_group | Adds/associates lists of valid groups in which the clients must belong in order to be authorized (matches against the group key in the group subtree). A client only needs to be a member of a single specified group in order to be authorized. | BIG-IP_v9.0 |
| add_valid_role | Adds/associates lists of valid roles that the client must possess in order to be authorized. A client only needs to match of a single specified role in order to be authorized. | BIG-IP_v9.0 |
| create | Creates the specified Client Certificate LDAP configurations. | BIG-IP_v9.0 |
| delete_all_configurations | Deletes all Client Certificate LDAP configurations. | BIG-IP_v9.0 |
| delete_configuration | Deletes the specified Client Certificate LDAP configurations. | BIG-IP_v9.0 |
| get_admin_distinguished_name | Gets the admin DNs for the specified Client Certificate LDAP configurations. | BIG-IP_v9.0 |
| get_admin_password | Gets the admin passwords for the specified Client Certificate LDAP configurations. | BIG-IP_v9.0 |
| get_cache_size | Gets the maximum LDAP response cache sizes in bytes. If zero is specified, the cache is not activated. | BIG-IP_v9.0 |
| get_cache_timeout | Gets the LDAP response cache timeout in seconds. If zero is specified, the cache is not activated. | BIG-IP_v9.0 |
| get_description | Gets the descriptions for a set of Client Certificate LDAP configurations. | BIG-IP_v11.0.0 |
| get_group_base | Gets the search bases for the subtrees used by group searches. | BIG-IP_v9.0 |
| get_group_key | Gets the names of the attributes in the LDAP database that identify the group names in the group subtrees. | BIG-IP_v9.0 |
| get_group_member_key | Gets the names of the attributes in the LDAP database that identify members (DNs) of a group. A typical key would be “member”. | BIG-IP_v9.0 |
| get_list | Gets a list of all Client Certificate LDAP configurations. | BIG-IP_v9.0 |
| get_role_key | Gets the names of the attributes in the LDAP database that identify a user&aposs authorization roles. | BIG-IP_v9.0 |
| get_search_option | Gets the search options used by the Client Certificate LDAP configurations. | BIG-IP_v9.0 |
| get_server | Gets the lists of servers the specified Client Certificate LDAP configurations are associated with. | BIG-IP_v9.0 |
| get_use_certificate_serial_state | Gets the states indicating whether to use the client certificate&aposs serial number instead of its subject (one or the other is always used in conjunction with the certificate issuer) when trying to match an entry in the certificate map subtree. | BIG-IP_v9.0 |
| get_use_security_state | Gets the states indicating whether SSL/TLS should be used when connecting to the LDAP server. | BIG-IP_v9.0 |
| get_user_class | Gets the user classes (only in certficate search method) for the specified Client Certificate LDAP configurations. | BIG-IP_v9.0.2 |
| get_valid_group | Gets the lists of valid groups in which the clients must belong in order to be authorized (matches against the group key in the group subtree). A client only needs to be a member of a single specified group in order to be authorized. | BIG-IP_v9.0 |
| get_valid_role | Gets the lists of valid roles that the client must possess in order to be authorized. A client only needs to match of a single specified role in order to be authorized. | BIG-IP_v9.0 |
| get_version | Gets the version information for this interface. | BIG-IP_v9.0 |
| remove_all_valid_groups | Removes all lists of valid groups in which the clients must belong in order to be authorized (matches against the group key in the group subtree). A client only needs to be a member of a single specified group in order to be authorized. | BIG-IP_v9.0 |
| remove_all_valid_roles | Removes all lists of valid roles that the client must possess in order to be authorized. A client only needs to match of a single specified role in order to be authorized. | BIG-IP_v9.0 |
| remove_server | Removes servers from the specified Client Certificate LDAP configurations. | BIG-IP_v9.0 |
| remove_valid_group | Removes lists of valid groups in which the clients must belong in order to be authorized (matches against the group key in the group subtree). A client only needs to be a member of a single specified group in order to be authorized. | BIG-IP_v9.0 |
| remove_valid_role | Removes lists of valid roles that the client must possess in order to be authorized. A client only needs to match of a single specified role in order to be authorized. | BIG-IP_v9.0 |
| set_admin_distinguished_name | Sets the admin DNs for the specified Client Certificate LDAP configurations. | BIG-IP_v9.0 |
| set_admin_password | Sets the admin passwords for the specified Client Certificate LDAP configurations. | BIG-IP_v9.0 |
| set_cache_size | Sets the maximum LDAP response cache sizes in bytes. If zero is specified, the cache is not activated. | BIG-IP_v9.0 |
| set_cache_timeout | Sets the LDAP response cache timeout in seconds. If zero is specified, the cache is not activated. | BIG-IP_v9.0 |
| set_description | Sets the description for a set of Client Certificate LDAP configurations. This is an arbitrary field which can be used for any purpose. | BIG-IP_v11.0.0 |
| set_group_base | Sets the search bases for the subtrees used by group searches. | BIG-IP_v9.0 |
| set_group_key | Sets the names of the attributes in the LDAP database that identify the group names in the group subtrees. | BIG-IP_v9.0 |
| set_group_member_key | Sets the names of the attributes in the LDAP database that identify members (DNs) of a group. A typical key would be “member”. | BIG-IP_v9.0 |
| set_role_key | Sets the names of the attributes in the LDAP database that identify a user&aposs authorization roles. | BIG-IP_v9.0 |
| set_search_option | Sets the search options used by the Client Certificate LDAP configurations. | BIG-IP_v9.0 |
| set_use_certificate_serial_state | Sets the states indicating whether to use the client certificate&aposs serial number instead of its subject (one or the other is always used in conjunction with the certificate issuer) when trying to match an entry in the certificate map subtree. | BIG-IP_v9.0 |
| set_use_security_state | Sets the states indicating whether SSL/TLS should be used when connecting to the LDAP server. | BIG-IP_v9.0 |
| set_user_class | Sets the user classes (only in certficate search method) for the specified Client Certificate LDAP configurations. | BIG-IP_v9.0.2 |
Aliases¶
| Alias | Type | Description |
| LDAPSearchOptionSequence | LDAPSearchOption [] | A sequence of LDAP search options. |
See Also¶
iControl ::
Warning
The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.
Sample Code¶
The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.