Management::CertLDAPConfiguration::set_check_roles_group_state

Introduced : BIG-IP_v11.2.0
Sets the states indicating whether to check the membership attribute in groups given in remote-role definitions for access control. Default is no; if set to yes, and user does not belong to any groups given in the remote-role definitions, and pam_ldap is configured for account management (authorization) then the user will only be able to log in using the default remote-role, which can be set to deny access.

Prototype

 set_check_roles_group_state(
    in String [] config_names,
    in EnabledState [] states
);

Parameters

Parameter Type Description
config_names String [] The names of the CertLDAP configurations.
states EnabledState [] The states of the specified configurations.

Return Type

Type Description
void  

Exceptions

Exception Description
Common::AccessDenied Raised if the client credentials are not valid.
Common::InvalidArgument Raised if one of the arguments is invalid.
Common::OperationFailed Raised if an operation error occurs.

See Also

Warning

The links to the sample code below are remnants of the old DevCentral wiki and will result in a 404 error. For best results, please copy the link text and search the codeshare directly on DevCentral.

Sample Code


The BIG-IP API Reference documentation contains community-contributed content. F5 does not monitor or control community code contributions. We make no guarantees or warranties regarding the available code, and it may contain errors, defects, bugs, inaccuracies, or security vulnerabilities. Your access to and use of any code available in the BIG-IP API reference guides is solely at your own risk.