Docs Home
fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev
fortimanager.ObjectUserLdapDynamicMapping
Explore with Pulumi AI
fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev
Configure LDAP server entries.
This resource is a sub resource for variable
dynamic_mappingof resourcefortimanager.ObjectUserLdap. Conflict and overwrite may occur if use both of them.
Create ObjectUserLdapDynamicMapping Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new ObjectUserLdapDynamicMapping(name: string, args: ObjectUserLdapDynamicMappingArgs, opts?: CustomResourceOptions);@overload
def ObjectUserLdapDynamicMapping(resource_name: str,
args: ObjectUserLdapDynamicMappingInitArgs,
opts: Optional[ResourceOptions] = None)
@overload
def ObjectUserLdapDynamicMapping(resource_name: str,
opts: Optional[ResourceOptions] = None,
ldap: Optional[str] = None,
_scopes: Optional[Sequence[ObjectUserLdapDynamicMapping_ScopeArgs]] = None,
account_key_cert_field: Optional[str] = None,
account_key_filter: Optional[str] = None,
account_key_name: Optional[str] = None,
account_key_processing: Optional[str] = None,
account_key_upn_san: Optional[str] = None,
adom: Optional[str] = None,
antiphish: Optional[str] = None,
ca_cert: Optional[str] = None,
client_cert_auth: Optional[str] = None,
client_certs: Optional[Sequence[str]] = None,
cnid: Optional[str] = None,
dn: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
filter: Optional[str] = None,
group: Optional[str] = None,
group_filter: Optional[str] = None,
group_member_check: Optional[str] = None,
group_object_filter: Optional[str] = None,
group_object_search_base: Optional[str] = None,
group_search_base: Optional[str] = None,
interface: Optional[str] = None,
interface_select_method: Optional[str] = None,
max_connections: Optional[float] = None,
member_attr: Optional[str] = None,
object_user_ldap_dynamic_mapping_id: Optional[str] = None,
obtain_user_info: Optional[str] = None,
password_attr: Optional[str] = None,
password_expiry_warning: Optional[str] = None,
password_renewal: Optional[str] = None,
passwords: Optional[Sequence[str]] = None,
port: Optional[float] = None,
retrieve_protection_profile: Optional[str] = None,
scopetype: Optional[str] = None,
search_types: Optional[Sequence[str]] = None,
secondary_server: Optional[str] = None,
secure: Optional[str] = None,
server: Optional[str] = None,
server_identity_check: Optional[str] = None,
source_ip: Optional[str] = None,
source_ip_interfaces: Optional[Sequence[str]] = None,
source_port: Optional[float] = None,
ssl_max_proto_version: Optional[str] = None,
ssl_min_proto_version: Optional[str] = None,
status_ttl: Optional[float] = None,
tertiary_server: Optional[str] = None,
two_factor: Optional[str] = None,
two_factor_authentication: Optional[str] = None,
two_factor_filter: Optional[str] = None,
two_factor_notification: Optional[str] = None,
type: Optional[str] = None,
user_info_exchange_server: Optional[str] = None,
username: Optional[str] = None)func NewObjectUserLdapDynamicMapping(ctx *Context, name string, args ObjectUserLdapDynamicMappingArgs, opts ...ResourceOption) (*ObjectUserLdapDynamicMapping, error)public ObjectUserLdapDynamicMapping(string name, ObjectUserLdapDynamicMappingArgs args, CustomResourceOptions? opts = null)
public ObjectUserLdapDynamicMapping(String name, ObjectUserLdapDynamicMappingArgs args)
public ObjectUserLdapDynamicMapping(String name, ObjectUserLdapDynamicMappingArgs args, CustomResourceOptions options)
type: fortimanager:ObjectUserLdapDynamicMapping
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ObjectUserLdapDynamicMappingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ObjectUserLdapDynamicMappingInitArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ObjectUserLdapDynamicMappingArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ObjectUserLdapDynamicMappingArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ObjectUserLdapDynamicMappingArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var objectUserLdapDynamicMappingResource = new Fortimanager.ObjectUserLdapDynamicMapping("objectUserLdapDynamicMappingResource", new()
{
Ldap = "string",
_scopes = new[]
{
new Fortimanager.Inputs.ObjectUserLdapDynamicMapping_ScopeArgs
{
Name = "string",
Vdom = "string",
},
},
AccountKeyCertField = "string",
AccountKeyFilter = "string",
AccountKeyName = "string",
AccountKeyProcessing = "string",
AccountKeyUpnSan = "string",
Adom = "string",
Antiphish = "string",
CaCert = "string",
ClientCertAuth = "string",
ClientCerts = new[]
{
"string",
},
Cnid = "string",
Dn = "string",
DynamicSortSubtable = "string",
Filter = "string",
Group = "string",
GroupFilter = "string",
GroupMemberCheck = "string",
GroupObjectFilter = "string",
GroupObjectSearchBase = "string",
GroupSearchBase = "string",
Interface = "string",
InterfaceSelectMethod = "string",
MaxConnections = 0,
MemberAttr = "string",
ObjectUserLdapDynamicMappingId = "string",
ObtainUserInfo = "string",
PasswordAttr = "string",
PasswordExpiryWarning = "string",
PasswordRenewal = "string",
Passwords = new[]
{
"string",
},
Port = 0,
RetrieveProtectionProfile = "string",
Scopetype = "string",
SearchTypes = new[]
{
"string",
},
SecondaryServer = "string",
Secure = "string",
Server = "string",
ServerIdentityCheck = "string",
SourceIp = "string",
SourceIpInterfaces = new[]
{
"string",
},
SourcePort = 0,
SslMaxProtoVersion = "string",
SslMinProtoVersion = "string",
StatusTtl = 0,
TertiaryServer = "string",
TwoFactor = "string",
TwoFactorAuthentication = "string",
TwoFactorFilter = "string",
TwoFactorNotification = "string",
Type = "string",
UserInfoExchangeServer = "string",
Username = "string",
});
example, err := fortimanager.NewObjectUserLdapDynamicMapping(ctx, "objectUserLdapDynamicMappingResource", &fortimanager.ObjectUserLdapDynamicMappingArgs{
Ldap: pulumi.String("string"),
_scopes: .ObjectUserLdapDynamicMapping_ScopeArray{
&.ObjectUserLdapDynamicMapping_ScopeArgs{
Name: pulumi.String("string"),
Vdom: pulumi.String("string"),
},
},
AccountKeyCertField: pulumi.String("string"),
AccountKeyFilter: pulumi.String("string"),
AccountKeyName: pulumi.String("string"),
AccountKeyProcessing: pulumi.String("string"),
AccountKeyUpnSan: pulumi.String("string"),
Adom: pulumi.String("string"),
Antiphish: pulumi.String("string"),
CaCert: pulumi.String("string"),
ClientCertAuth: pulumi.String("string"),
ClientCerts: pulumi.StringArray{
pulumi.String("string"),
},
Cnid: pulumi.String("string"),
Dn: pulumi.String("string"),
DynamicSortSubtable: pulumi.String("string"),
Filter: pulumi.String("string"),
Group: pulumi.String("string"),
GroupFilter: pulumi.String("string"),
GroupMemberCheck: pulumi.String("string"),
GroupObjectFilter: pulumi.String("string"),
GroupObjectSearchBase: pulumi.String("string"),
GroupSearchBase: pulumi.String("string"),
Interface: pulumi.String("string"),
InterfaceSelectMethod: pulumi.String("string"),
MaxConnections: pulumi.Float64(0),
MemberAttr: pulumi.String("string"),
ObjectUserLdapDynamicMappingId: pulumi.String("string"),
ObtainUserInfo: pulumi.String("string"),
PasswordAttr: pulumi.String("string"),
PasswordExpiryWarning: pulumi.String("string"),
PasswordRenewal: pulumi.String("string"),
Passwords: pulumi.StringArray{
pulumi.String("string"),
},
Port: pulumi.Float64(0),
RetrieveProtectionProfile: pulumi.String("string"),
Scopetype: pulumi.String("string"),
SearchTypes: pulumi.StringArray{
pulumi.String("string"),
},
SecondaryServer: pulumi.String("string"),
Secure: pulumi.String("string"),
Server: pulumi.String("string"),
ServerIdentityCheck: pulumi.String("string"),
SourceIp: pulumi.String("string"),
SourceIpInterfaces: pulumi.StringArray{
pulumi.String("string"),
},
SourcePort: pulumi.Float64(0),
SslMaxProtoVersion: pulumi.String("string"),
SslMinProtoVersion: pulumi.String("string"),
StatusTtl: pulumi.Float64(0),
TertiaryServer: pulumi.String("string"),
TwoFactor: pulumi.String("string"),
TwoFactorAuthentication: pulumi.String("string"),
TwoFactorFilter: pulumi.String("string"),
TwoFactorNotification: pulumi.String("string"),
Type: pulumi.String("string"),
UserInfoExchangeServer: pulumi.String("string"),
Username: pulumi.String("string"),
})
var objectUserLdapDynamicMappingResource = new ObjectUserLdapDynamicMapping("objectUserLdapDynamicMappingResource", ObjectUserLdapDynamicMappingArgs.builder()
.ldap("string")
._scopes(ObjectUserLdapDynamicMapping_ScopeArgs.builder()
.name("string")
.vdom("string")
.build())
.accountKeyCertField("string")
.accountKeyFilter("string")
.accountKeyName("string")
.accountKeyProcessing("string")
.accountKeyUpnSan("string")
.adom("string")
.antiphish("string")
.caCert("string")
.clientCertAuth("string")
.clientCerts("string")
.cnid("string")
.dn("string")
.dynamicSortSubtable("string")
.filter("string")
.group("string")
.groupFilter("string")
.groupMemberCheck("string")
.groupObjectFilter("string")
.groupObjectSearchBase("string")
.groupSearchBase("string")
.interface_("string")
.interfaceSelectMethod("string")
.maxConnections(0)
.memberAttr("string")
.objectUserLdapDynamicMappingId("string")
.obtainUserInfo("string")
.passwordAttr("string")
.passwordExpiryWarning("string")
.passwordRenewal("string")
.passwords("string")
.port(0)
.retrieveProtectionProfile("string")
.scopetype("string")
.searchTypes("string")
.secondaryServer("string")
.secure("string")
.server("string")
.serverIdentityCheck("string")
.sourceIp("string")
.sourceIpInterfaces("string")
.sourcePort(0)
.sslMaxProtoVersion("string")
.sslMinProtoVersion("string")
.statusTtl(0)
.tertiaryServer("string")
.twoFactor("string")
.twoFactorAuthentication("string")
.twoFactorFilter("string")
.twoFactorNotification("string")
.type("string")
.userInfoExchangeServer("string")
.username("string")
.build());
object_user_ldap_dynamic_mapping_resource = fortimanager.ObjectUserLdapDynamicMapping("objectUserLdapDynamicMappingResource",
ldap="string",
_scopes=[{
"name": "string",
"vdom": "string",
}],
account_key_cert_field="string",
account_key_filter="string",
account_key_name="string",
account_key_processing="string",
account_key_upn_san="string",
adom="string",
antiphish="string",
ca_cert="string",
client_cert_auth="string",
client_certs=["string"],
cnid="string",
dn="string",
dynamic_sort_subtable="string",
filter="string",
group="string",
group_filter="string",
group_member_check="string",
group_object_filter="string",
group_object_search_base="string",
group_search_base="string",
interface="string",
interface_select_method="string",
max_connections=0,
member_attr="string",
object_user_ldap_dynamic_mapping_id="string",
obtain_user_info="string",
password_attr="string",
password_expiry_warning="string",
password_renewal="string",
passwords=["string"],
port=0,
retrieve_protection_profile="string",
scopetype="string",
search_types=["string"],
secondary_server="string",
secure="string",
server="string",
server_identity_check="string",
source_ip="string",
source_ip_interfaces=["string"],
source_port=0,
ssl_max_proto_version="string",
ssl_min_proto_version="string",
status_ttl=0,
tertiary_server="string",
two_factor="string",
two_factor_authentication="string",
two_factor_filter="string",
two_factor_notification="string",
type="string",
user_info_exchange_server="string",
username="string")
const objectUserLdapDynamicMappingResource = new fortimanager.ObjectUserLdapDynamicMapping("objectUserLdapDynamicMappingResource", {
ldap: "string",
_scopes: [{
name: "string",
vdom: "string",
}],
accountKeyCertField: "string",
accountKeyFilter: "string",
accountKeyName: "string",
accountKeyProcessing: "string",
accountKeyUpnSan: "string",
adom: "string",
antiphish: "string",
caCert: "string",
clientCertAuth: "string",
clientCerts: ["string"],
cnid: "string",
dn: "string",
dynamicSortSubtable: "string",
filter: "string",
group: "string",
groupFilter: "string",
groupMemberCheck: "string",
groupObjectFilter: "string",
groupObjectSearchBase: "string",
groupSearchBase: "string",
"interface": "string",
interfaceSelectMethod: "string",
maxConnections: 0,
memberAttr: "string",
objectUserLdapDynamicMappingId: "string",
obtainUserInfo: "string",
passwordAttr: "string",
passwordExpiryWarning: "string",
passwordRenewal: "string",
passwords: ["string"],
port: 0,
retrieveProtectionProfile: "string",
scopetype: "string",
searchTypes: ["string"],
secondaryServer: "string",
secure: "string",
server: "string",
serverIdentityCheck: "string",
sourceIp: "string",
sourceIpInterfaces: ["string"],
sourcePort: 0,
sslMaxProtoVersion: "string",
sslMinProtoVersion: "string",
statusTtl: 0,
tertiaryServer: "string",
twoFactor: "string",
twoFactorAuthentication: "string",
twoFactorFilter: "string",
twoFactorNotification: "string",
type: "string",
userInfoExchangeServer: "string",
username: "string",
});
type: fortimanager:ObjectUserLdapDynamicMapping
properties:
_scopes:
- name: string
vdom: string
accountKeyCertField: string
accountKeyFilter: string
accountKeyName: string
accountKeyProcessing: string
accountKeyUpnSan: string
adom: string
antiphish: string
caCert: string
clientCertAuth: string
clientCerts:
- string
cnid: string
dn: string
dynamicSortSubtable: string
filter: string
group: string
groupFilter: string
groupMemberCheck: string
groupObjectFilter: string
groupObjectSearchBase: string
groupSearchBase: string
interface: string
interfaceSelectMethod: string
ldap: string
maxConnections: 0
memberAttr: string
objectUserLdapDynamicMappingId: string
obtainUserInfo: string
passwordAttr: string
passwordExpiryWarning: string
passwordRenewal: string
passwords:
- string
port: 0
retrieveProtectionProfile: string
scopetype: string
searchTypes:
- string
secondaryServer: string
secure: string
server: string
serverIdentityCheck: string
sourceIp: string
sourceIpInterfaces:
- string
sourcePort: 0
sslMaxProtoVersion: string
sslMinProtoVersion: string
statusTtl: 0
tertiaryServer: string
twoFactor: string
twoFactorAuthentication: string
twoFactorFilter: string
twoFactorNotification: string
type: string
userInfoExchangeServer: string
username: string
ObjectUserLdapDynamicMapping Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The ObjectUserLdapDynamicMapping resource accepts the following input properties:
- Ldap string
- Ldap.
- Account
Key stringCert Field - Define subject identity field in certificate for user access right checking. Valid values:
othername,rfc822name,dnsname. - Account
Key stringFilter - Account key filter, using the UPN as the search filter.
- Account
Key stringName - Account-Key-Name.
- Account
Key stringProcessing - Account key processing operation, either keep or strip domain string of UPN in the token. Valid values:
same,strip. - Account
Key stringUpn San - Define SAN in certificate for user principle name matching. Valid values:
othername,rfc822name,dnsname. - Adom string
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - Antiphish string
- Antiphish. Valid values:
disable,enable. - Ca
Cert string - CA certificate name.
- Client
Cert stringAuth - Client-Cert-Auth. Valid values:
disable,enable. - Client
Certs List<string> - Client-Cert.
- Cnid string
- Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
- Dn string
- Distinguished name used to look up entries on the LDAP server.
- Dynamic
Sort stringSubtable - true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- Filter string
- Filter.
- Group string
- Group.
- Group
Filter string - Filter used for group matching.
- Group
Member stringCheck - Group member checking methods. Valid values:
user-attr,group-object,posix-group-object. - Group
Object stringFilter - Filter used for group searching.
- Group
Object stringSearch Base - Group-Object-Search-Base.
- Group
Search stringBase - Search base used for group searching.
- Interface string
- Specify outgoing interface to reach server.
- Interface
Select stringMethod - Specify how to select outgoing interface to reach server. Valid values:
auto,sdwan,specify. - Max
Connections double - Max-Connections.
- Member
Attr string - Name of attribute from which to get group membership.
- Object
User stringLdap Dynamic Mapping Id - an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
- Obtain
User stringInfo - Enable/disable obtaining of user information. Valid values:
disable,enable. - Password
Attr string - Password-Attr.
- Password
Expiry stringWarning - Enable/disable password expiry warnings. Valid values:
disable,enable. - Password
Renewal string - Enable/disable online password renewal. Valid values:
disable,enable. - Passwords List<string>
- Password for initial binding.
- Port double
- Port to be used for communication with the LDAP server (default = 389).
- Retrieve
Protection stringProfile - Retrieve-Protection-Profile.
- Scopetype string
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - Search
Types List<string> - Search type. Valid values:
nested,recursive. - Secondary
Server string - Secondary LDAP server CN domain name or IP.
- Secure string
- Port to be used for authentication. Valid values:
disable,starttls,ldaps. - Server string
- LDAP server CN domain name or IP.
- Server
Identity stringCheck - Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values:
disable,enable. - Source
Ip string - Source IP for communications to LDAP server.
- Source
Ip List<string>Interfaces - Source interface for communication with the LDAP server.
- Source
Port double - Source-Port.
- Ssl
Max stringProto Version - Ssl-Max-Proto-Version. Valid values:
TLSv1-1,TLSv1-2,SSLv3,TLSv1,TLSv1-3. - Ssl
Min stringProto Version - Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting). Valid values:
default,TLSv1,TLSv1-1,TLSv1-2,SSLv3. - Status
Ttl double - Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
- Tertiary
Server string - Tertiary LDAP server CN domain name or IP.
- Two
Factor string - Enable/disable two-factor authentication. Valid values:
disable,fortitoken-cloud. - Two
Factor stringAuthentication - Authentication method by FortiToken Cloud. Valid values:
fortitoken,email,sms. - Two
Factor stringFilter - Filter used to synchronize users to FortiToken Cloud.
- Two
Factor stringNotification - Notification method for user activation by FortiToken Cloud. Valid values:
email,sms. - Type string
- Authentication type for LDAP searches. Valid values:
simple,anonymous,regular. - User
Info stringExchange Server - MS Exchange server from which to fetch user information.
- Username string
- Username (full DN) for initial binding.
- _
scopes List<ObjectUser Ldap Dynamic Mapping_Scope> - _Scope. The structure of
_scopeblock is documented below.
- Ldap string
- Ldap.
- Account
Key stringCert Field - Define subject identity field in certificate for user access right checking. Valid values:
othername,rfc822name,dnsname. - Account
Key stringFilter - Account key filter, using the UPN as the search filter.
- Account
Key stringName - Account-Key-Name.
- Account
Key stringProcessing - Account key processing operation, either keep or strip domain string of UPN in the token. Valid values:
same,strip. - Account
Key stringUpn San - Define SAN in certificate for user principle name matching. Valid values:
othername,rfc822name,dnsname. - Adom string
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - Antiphish string
- Antiphish. Valid values:
disable,enable. - Ca
Cert string - CA certificate name.
- Client
Cert stringAuth - Client-Cert-Auth. Valid values:
disable,enable. - Client
Certs []string - Client-Cert.
- Cnid string
- Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
- Dn string
- Distinguished name used to look up entries on the LDAP server.
- Dynamic
Sort stringSubtable - true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- Filter string
- Filter.
- Group string
- Group.
- Group
Filter string - Filter used for group matching.
- Group
Member stringCheck - Group member checking methods. Valid values:
user-attr,group-object,posix-group-object. - Group
Object stringFilter - Filter used for group searching.
- Group
Object stringSearch Base - Group-Object-Search-Base.
- Group
Search stringBase - Search base used for group searching.
- Interface string
- Specify outgoing interface to reach server.
- Interface
Select stringMethod - Specify how to select outgoing interface to reach server. Valid values:
auto,sdwan,specify. - Max
Connections float64 - Max-Connections.
- Member
Attr string - Name of attribute from which to get group membership.
- Object
User stringLdap Dynamic Mapping Id - an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
- Obtain
User stringInfo - Enable/disable obtaining of user information. Valid values:
disable,enable. - Password
Attr string - Password-Attr.
- Password
Expiry stringWarning - Enable/disable password expiry warnings. Valid values:
disable,enable. - Password
Renewal string - Enable/disable online password renewal. Valid values:
disable,enable. - Passwords []string
- Password for initial binding.
- Port float64
- Port to be used for communication with the LDAP server (default = 389).
- Retrieve
Protection stringProfile - Retrieve-Protection-Profile.
- Scopetype string
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - Search
Types []string - Search type. Valid values:
nested,recursive. - Secondary
Server string - Secondary LDAP server CN domain name or IP.
- Secure string
- Port to be used for authentication. Valid values:
disable,starttls,ldaps. - Server string
- LDAP server CN domain name or IP.
- Server
Identity stringCheck - Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values:
disable,enable. - Source
Ip string - Source IP for communications to LDAP server.
- Source
Ip []stringInterfaces - Source interface for communication with the LDAP server.
- Source
Port float64 - Source-Port.
- Ssl
Max stringProto Version - Ssl-Max-Proto-Version. Valid values:
TLSv1-1,TLSv1-2,SSLv3,TLSv1,TLSv1-3. - Ssl
Min stringProto Version - Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting). Valid values:
default,TLSv1,TLSv1-1,TLSv1-2,SSLv3. - Status
Ttl float64 - Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
- Tertiary
Server string - Tertiary LDAP server CN domain name or IP.
- Two
Factor string - Enable/disable two-factor authentication. Valid values:
disable,fortitoken-cloud. - Two
Factor stringAuthentication - Authentication method by FortiToken Cloud. Valid values:
fortitoken,email,sms. - Two
Factor stringFilter - Filter used to synchronize users to FortiToken Cloud.
- Two
Factor stringNotification - Notification method for user activation by FortiToken Cloud. Valid values:
email,sms. - Type string
- Authentication type for LDAP searches. Valid values:
simple,anonymous,regular. - User
Info stringExchange Server - MS Exchange server from which to fetch user information.
- Username string
- Username (full DN) for initial binding.
- _
scopes []ObjectUser Ldap Dynamic Mapping_Scope Args - _Scope. The structure of
_scopeblock is documented below.
- ldap String
- Ldap.
- _
scopes List<ObjectUser Ldap Dynamic Mapping_Scope> - _Scope. The structure of
_scopeblock is documented below. - account
Key StringCert Field - Define subject identity field in certificate for user access right checking. Valid values:
othername,rfc822name,dnsname. - account
Key StringFilter - Account key filter, using the UPN as the search filter.
- account
Key StringName - Account-Key-Name.
- account
Key StringProcessing - Account key processing operation, either keep or strip domain string of UPN in the token. Valid values:
same,strip. - account
Key StringUpn San - Define SAN in certificate for user principle name matching. Valid values:
othername,rfc822name,dnsname. - adom String
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - antiphish String
- Antiphish. Valid values:
disable,enable. - ca
Cert String - CA certificate name.
- client
Cert StringAuth - Client-Cert-Auth. Valid values:
disable,enable. - client
Certs List<String> - Client-Cert.
- cnid String
- Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
- dn String
- Distinguished name used to look up entries on the LDAP server.
- dynamic
Sort StringSubtable - true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- filter String
- Filter.
- group String
- Group.
- group
Filter String - Filter used for group matching.
- group
Member StringCheck - Group member checking methods. Valid values:
user-attr,group-object,posix-group-object. - group
Object StringFilter - Filter used for group searching.
- group
Object StringSearch Base - Group-Object-Search-Base.
- group
Search StringBase - Search base used for group searching.
- interface
Select StringMethod - Specify how to select outgoing interface to reach server. Valid values:
auto,sdwan,specify. - interface_ String
- Specify outgoing interface to reach server.
- max
Connections Double - Max-Connections.
- member
Attr String - Name of attribute from which to get group membership.
- object
User StringLdap Dynamic Mapping Id - an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
- obtain
User StringInfo - Enable/disable obtaining of user information. Valid values:
disable,enable. - password
Attr String - Password-Attr.
- password
Expiry StringWarning - Enable/disable password expiry warnings. Valid values:
disable,enable. - password
Renewal String - Enable/disable online password renewal. Valid values:
disable,enable. - passwords List<String>
- Password for initial binding.
- port Double
- Port to be used for communication with the LDAP server (default = 389).
- retrieve
Protection StringProfile - Retrieve-Protection-Profile.
- scopetype String
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - search
Types List<String> - Search type. Valid values:
nested,recursive. - secondary
Server String - Secondary LDAP server CN domain name or IP.
- secure String
- Port to be used for authentication. Valid values:
disable,starttls,ldaps. - server String
- LDAP server CN domain name or IP.
- server
Identity StringCheck - Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values:
disable,enable. - source
Ip String - Source IP for communications to LDAP server.
- source
Ip List<String>Interfaces - Source interface for communication with the LDAP server.
- source
Port Double - Source-Port.
- ssl
Max StringProto Version - Ssl-Max-Proto-Version. Valid values:
TLSv1-1,TLSv1-2,SSLv3,TLSv1,TLSv1-3. - ssl
Min StringProto Version - Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting). Valid values:
default,TLSv1,TLSv1-1,TLSv1-2,SSLv3. - status
Ttl Double - Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
- tertiary
Server String - Tertiary LDAP server CN domain name or IP.
- two
Factor String - Enable/disable two-factor authentication. Valid values:
disable,fortitoken-cloud. - two
Factor StringAuthentication - Authentication method by FortiToken Cloud. Valid values:
fortitoken,email,sms. - two
Factor StringFilter - Filter used to synchronize users to FortiToken Cloud.
- two
Factor StringNotification - Notification method for user activation by FortiToken Cloud. Valid values:
email,sms. - type String
- Authentication type for LDAP searches. Valid values:
simple,anonymous,regular. - user
Info StringExchange Server - MS Exchange server from which to fetch user information.
- username String
- Username (full DN) for initial binding.
- ldap string
- Ldap.
- _
scopes ObjectUser Ldap Dynamic Mapping_Scope[] - _Scope. The structure of
_scopeblock is documented below. - account
Key stringCert Field - Define subject identity field in certificate for user access right checking. Valid values:
othername,rfc822name,dnsname. - account
Key stringFilter - Account key filter, using the UPN as the search filter.
- account
Key stringName - Account-Key-Name.
- account
Key stringProcessing - Account key processing operation, either keep or strip domain string of UPN in the token. Valid values:
same,strip. - account
Key stringUpn San - Define SAN in certificate for user principle name matching. Valid values:
othername,rfc822name,dnsname. - adom string
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - antiphish string
- Antiphish. Valid values:
disable,enable. - ca
Cert string - CA certificate name.
- client
Cert stringAuth - Client-Cert-Auth. Valid values:
disable,enable. - client
Certs string[] - Client-Cert.
- cnid string
- Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
- dn string
- Distinguished name used to look up entries on the LDAP server.
- dynamic
Sort stringSubtable - true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- filter string
- Filter.
- group string
- Group.
- group
Filter string - Filter used for group matching.
- group
Member stringCheck - Group member checking methods. Valid values:
user-attr,group-object,posix-group-object. - group
Object stringFilter - Filter used for group searching.
- group
Object stringSearch Base - Group-Object-Search-Base.
- group
Search stringBase - Search base used for group searching.
- interface string
- Specify outgoing interface to reach server.
- interface
Select stringMethod - Specify how to select outgoing interface to reach server. Valid values:
auto,sdwan,specify. - max
Connections number - Max-Connections.
- member
Attr string - Name of attribute from which to get group membership.
- object
User stringLdap Dynamic Mapping Id - an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
- obtain
User stringInfo - Enable/disable obtaining of user information. Valid values:
disable,enable. - password
Attr string - Password-Attr.
- password
Expiry stringWarning - Enable/disable password expiry warnings. Valid values:
disable,enable. - password
Renewal string - Enable/disable online password renewal. Valid values:
disable,enable. - passwords string[]
- Password for initial binding.
- port number
- Port to be used for communication with the LDAP server (default = 389).
- retrieve
Protection stringProfile - Retrieve-Protection-Profile.
- scopetype string
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - search
Types string[] - Search type. Valid values:
nested,recursive. - secondary
Server string - Secondary LDAP server CN domain name or IP.
- secure string
- Port to be used for authentication. Valid values:
disable,starttls,ldaps. - server string
- LDAP server CN domain name or IP.
- server
Identity stringCheck - Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values:
disable,enable. - source
Ip string - Source IP for communications to LDAP server.
- source
Ip string[]Interfaces - Source interface for communication with the LDAP server.
- source
Port number - Source-Port.
- ssl
Max stringProto Version - Ssl-Max-Proto-Version. Valid values:
TLSv1-1,TLSv1-2,SSLv3,TLSv1,TLSv1-3. - ssl
Min stringProto Version - Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting). Valid values:
default,TLSv1,TLSv1-1,TLSv1-2,SSLv3. - status
Ttl number - Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
- tertiary
Server string - Tertiary LDAP server CN domain name or IP.
- two
Factor string - Enable/disable two-factor authentication. Valid values:
disable,fortitoken-cloud. - two
Factor stringAuthentication - Authentication method by FortiToken Cloud. Valid values:
fortitoken,email,sms. - two
Factor stringFilter - Filter used to synchronize users to FortiToken Cloud.
- two
Factor stringNotification - Notification method for user activation by FortiToken Cloud. Valid values:
email,sms. - type string
- Authentication type for LDAP searches. Valid values:
simple,anonymous,regular. - user
Info stringExchange Server - MS Exchange server from which to fetch user information.
- username string
- Username (full DN) for initial binding.
- ldap str
- Ldap.
- _
scopes Sequence[ObjectUser Ldap Dynamic Mapping_Scope Args] - _Scope. The structure of
_scopeblock is documented below. - account_
key_ strcert_ field - Define subject identity field in certificate for user access right checking. Valid values:
othername,rfc822name,dnsname. - account_
key_ strfilter - Account key filter, using the UPN as the search filter.
- account_
key_ strname - Account-Key-Name.
- account_
key_ strprocessing - Account key processing operation, either keep or strip domain string of UPN in the token. Valid values:
same,strip. - account_
key_ strupn_ san - Define SAN in certificate for user principle name matching. Valid values:
othername,rfc822name,dnsname. - adom str
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - antiphish str
- Antiphish. Valid values:
disable,enable. - ca_
cert str - CA certificate name.
- client_
cert_ strauth - Client-Cert-Auth. Valid values:
disable,enable. - client_
certs Sequence[str] - Client-Cert.
- cnid str
- Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
- dn str
- Distinguished name used to look up entries on the LDAP server.
- dynamic_
sort_ strsubtable - true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- filter str
- Filter.
- group str
- Group.
- group_
filter str - Filter used for group matching.
- group_
member_ strcheck - Group member checking methods. Valid values:
user-attr,group-object,posix-group-object. - group_
object_ strfilter - Filter used for group searching.
- group_
object_ strsearch_ base - Group-Object-Search-Base.
- group_
search_ strbase - Search base used for group searching.
- interface str
- Specify outgoing interface to reach server.
- interface_
select_ strmethod - Specify how to select outgoing interface to reach server. Valid values:
auto,sdwan,specify. - max_
connections float - Max-Connections.
- member_
attr str - Name of attribute from which to get group membership.
- object_
user_ strldap_ dynamic_ mapping_ id - an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
- obtain_
user_ strinfo - Enable/disable obtaining of user information. Valid values:
disable,enable. - password_
attr str - Password-Attr.
- password_
expiry_ strwarning - Enable/disable password expiry warnings. Valid values:
disable,enable. - password_
renewal str - Enable/disable online password renewal. Valid values:
disable,enable. - passwords Sequence[str]
- Password for initial binding.
- port float
- Port to be used for communication with the LDAP server (default = 389).
- retrieve_
protection_ strprofile - Retrieve-Protection-Profile.
- scopetype str
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - search_
types Sequence[str] - Search type. Valid values:
nested,recursive. - secondary_
server str - Secondary LDAP server CN domain name or IP.
- secure str
- Port to be used for authentication. Valid values:
disable,starttls,ldaps. - server str
- LDAP server CN domain name or IP.
- server_
identity_ strcheck - Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values:
disable,enable. - source_
ip str - Source IP for communications to LDAP server.
- source_
ip_ Sequence[str]interfaces - Source interface for communication with the LDAP server.
- source_
port float - Source-Port.
- ssl_
max_ strproto_ version - Ssl-Max-Proto-Version. Valid values:
TLSv1-1,TLSv1-2,SSLv3,TLSv1,TLSv1-3. - ssl_
min_ strproto_ version - Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting). Valid values:
default,TLSv1,TLSv1-1,TLSv1-2,SSLv3. - status_
ttl float - Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
- tertiary_
server str - Tertiary LDAP server CN domain name or IP.
- two_
factor str - Enable/disable two-factor authentication. Valid values:
disable,fortitoken-cloud. - two_
factor_ strauthentication - Authentication method by FortiToken Cloud. Valid values:
fortitoken,email,sms. - two_
factor_ strfilter - Filter used to synchronize users to FortiToken Cloud.
- two_
factor_ strnotification - Notification method for user activation by FortiToken Cloud. Valid values:
email,sms. - type str
- Authentication type for LDAP searches. Valid values:
simple,anonymous,regular. - user_
info_ strexchange_ server - MS Exchange server from which to fetch user information.
- username str
- Username (full DN) for initial binding.
- ldap String
- Ldap.
- _
scopes List<Property Map> - _Scope. The structure of
_scopeblock is documented below. - account
Key StringCert Field - Define subject identity field in certificate for user access right checking. Valid values:
othername,rfc822name,dnsname. - account
Key StringFilter - Account key filter, using the UPN as the search filter.
- account
Key StringName - Account-Key-Name.
- account
Key StringProcessing - Account key processing operation, either keep or strip domain string of UPN in the token. Valid values:
same,strip. - account
Key StringUpn San - Define SAN in certificate for user principle name matching. Valid values:
othername,rfc822name,dnsname. - adom String
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - antiphish String
- Antiphish. Valid values:
disable,enable. - ca
Cert String - CA certificate name.
- client
Cert StringAuth - Client-Cert-Auth. Valid values:
disable,enable. - client
Certs List<String> - Client-Cert.
- cnid String
- Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
- dn String
- Distinguished name used to look up entries on the LDAP server.
- dynamic
Sort StringSubtable - true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- filter String
- Filter.
- group String
- Group.
- group
Filter String - Filter used for group matching.
- group
Member StringCheck - Group member checking methods. Valid values:
user-attr,group-object,posix-group-object. - group
Object StringFilter - Filter used for group searching.
- group
Object StringSearch Base - Group-Object-Search-Base.
- group
Search StringBase - Search base used for group searching.
- interface String
- Specify outgoing interface to reach server.
- interface
Select StringMethod - Specify how to select outgoing interface to reach server. Valid values:
auto,sdwan,specify. - max
Connections Number - Max-Connections.
- member
Attr String - Name of attribute from which to get group membership.
- object
User StringLdap Dynamic Mapping Id - an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
- obtain
User StringInfo - Enable/disable obtaining of user information. Valid values:
disable,enable. - password
Attr String - Password-Attr.
- password
Expiry StringWarning - Enable/disable password expiry warnings. Valid values:
disable,enable. - password
Renewal String - Enable/disable online password renewal. Valid values:
disable,enable. - passwords List<String>
- Password for initial binding.
- port Number
- Port to be used for communication with the LDAP server (default = 389).
- retrieve
Protection StringProfile - Retrieve-Protection-Profile.
- scopetype String
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - search
Types List<String> - Search type. Valid values:
nested,recursive. - secondary
Server String - Secondary LDAP server CN domain name or IP.
- secure String
- Port to be used for authentication. Valid values:
disable,starttls,ldaps. - server String
- LDAP server CN domain name or IP.
- server
Identity StringCheck - Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values:
disable,enable. - source
Ip String - Source IP for communications to LDAP server.
- source
Ip List<String>Interfaces - Source interface for communication with the LDAP server.
- source
Port Number - Source-Port.
- ssl
Max StringProto Version - Ssl-Max-Proto-Version. Valid values:
TLSv1-1,TLSv1-2,SSLv3,TLSv1,TLSv1-3. - ssl
Min StringProto Version - Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting). Valid values:
default,TLSv1,TLSv1-1,TLSv1-2,SSLv3. - status
Ttl Number - Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
- tertiary
Server String - Tertiary LDAP server CN domain name or IP.
- two
Factor String - Enable/disable two-factor authentication. Valid values:
disable,fortitoken-cloud. - two
Factor StringAuthentication - Authentication method by FortiToken Cloud. Valid values:
fortitoken,email,sms. - two
Factor StringFilter - Filter used to synchronize users to FortiToken Cloud.
- two
Factor StringNotification - Notification method for user activation by FortiToken Cloud. Valid values:
email,sms. - type String
- Authentication type for LDAP searches. Valid values:
simple,anonymous,regular. - user
Info StringExchange Server - MS Exchange server from which to fetch user information.
- username String
- Username (full DN) for initial binding.
Outputs
All input properties are implicitly available as output properties. Additionally, the ObjectUserLdapDynamicMapping resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing ObjectUserLdapDynamicMapping Resource
Get an existing ObjectUserLdapDynamicMapping resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ObjectUserLdapDynamicMappingState, opts?: CustomResourceOptions): ObjectUserLdapDynamicMapping@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
_scopes: Optional[Sequence[ObjectUserLdapDynamicMapping_ScopeArgs]] = None,
account_key_cert_field: Optional[str] = None,
account_key_filter: Optional[str] = None,
account_key_name: Optional[str] = None,
account_key_processing: Optional[str] = None,
account_key_upn_san: Optional[str] = None,
adom: Optional[str] = None,
antiphish: Optional[str] = None,
ca_cert: Optional[str] = None,
client_cert_auth: Optional[str] = None,
client_certs: Optional[Sequence[str]] = None,
cnid: Optional[str] = None,
dn: Optional[str] = None,
dynamic_sort_subtable: Optional[str] = None,
filter: Optional[str] = None,
group: Optional[str] = None,
group_filter: Optional[str] = None,
group_member_check: Optional[str] = None,
group_object_filter: Optional[str] = None,
group_object_search_base: Optional[str] = None,
group_search_base: Optional[str] = None,
interface: Optional[str] = None,
interface_select_method: Optional[str] = None,
ldap: Optional[str] = None,
max_connections: Optional[float] = None,
member_attr: Optional[str] = None,
object_user_ldap_dynamic_mapping_id: Optional[str] = None,
obtain_user_info: Optional[str] = None,
password_attr: Optional[str] = None,
password_expiry_warning: Optional[str] = None,
password_renewal: Optional[str] = None,
passwords: Optional[Sequence[str]] = None,
port: Optional[float] = None,
retrieve_protection_profile: Optional[str] = None,
scopetype: Optional[str] = None,
search_types: Optional[Sequence[str]] = None,
secondary_server: Optional[str] = None,
secure: Optional[str] = None,
server: Optional[str] = None,
server_identity_check: Optional[str] = None,
source_ip: Optional[str] = None,
source_ip_interfaces: Optional[Sequence[str]] = None,
source_port: Optional[float] = None,
ssl_max_proto_version: Optional[str] = None,
ssl_min_proto_version: Optional[str] = None,
status_ttl: Optional[float] = None,
tertiary_server: Optional[str] = None,
two_factor: Optional[str] = None,
two_factor_authentication: Optional[str] = None,
two_factor_filter: Optional[str] = None,
two_factor_notification: Optional[str] = None,
type: Optional[str] = None,
user_info_exchange_server: Optional[str] = None,
username: Optional[str] = None) -> ObjectUserLdapDynamicMappingfunc GetObjectUserLdapDynamicMapping(ctx *Context, name string, id IDInput, state *ObjectUserLdapDynamicMappingState, opts ...ResourceOption) (*ObjectUserLdapDynamicMapping, error)public static ObjectUserLdapDynamicMapping Get(string name, Input<string> id, ObjectUserLdapDynamicMappingState? state, CustomResourceOptions? opts = null)public static ObjectUserLdapDynamicMapping get(String name, Output<String> id, ObjectUserLdapDynamicMappingState state, CustomResourceOptions options)resources: _: type: fortimanager:ObjectUserLdapDynamicMapping get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Account
Key stringCert Field - Define subject identity field in certificate for user access right checking. Valid values:
othername,rfc822name,dnsname. - Account
Key stringFilter - Account key filter, using the UPN as the search filter.
- Account
Key stringName - Account-Key-Name.
- Account
Key stringProcessing - Account key processing operation, either keep or strip domain string of UPN in the token. Valid values:
same,strip. - Account
Key stringUpn San - Define SAN in certificate for user principle name matching. Valid values:
othername,rfc822name,dnsname. - Adom string
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - Antiphish string
- Antiphish. Valid values:
disable,enable. - Ca
Cert string - CA certificate name.
- Client
Cert stringAuth - Client-Cert-Auth. Valid values:
disable,enable. - Client
Certs List<string> - Client-Cert.
- Cnid string
- Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
- Dn string
- Distinguished name used to look up entries on the LDAP server.
- Dynamic
Sort stringSubtable - true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- Filter string
- Filter.
- Group string
- Group.
- Group
Filter string - Filter used for group matching.
- Group
Member stringCheck - Group member checking methods. Valid values:
user-attr,group-object,posix-group-object. - Group
Object stringFilter - Filter used for group searching.
- Group
Object stringSearch Base - Group-Object-Search-Base.
- Group
Search stringBase - Search base used for group searching.
- Interface string
- Specify outgoing interface to reach server.
- Interface
Select stringMethod - Specify how to select outgoing interface to reach server. Valid values:
auto,sdwan,specify. - Ldap string
- Ldap.
- Max
Connections double - Max-Connections.
- Member
Attr string - Name of attribute from which to get group membership.
- Object
User stringLdap Dynamic Mapping Id - an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
- Obtain
User stringInfo - Enable/disable obtaining of user information. Valid values:
disable,enable. - Password
Attr string - Password-Attr.
- Password
Expiry stringWarning - Enable/disable password expiry warnings. Valid values:
disable,enable. - Password
Renewal string - Enable/disable online password renewal. Valid values:
disable,enable. - Passwords List<string>
- Password for initial binding.
- Port double
- Port to be used for communication with the LDAP server (default = 389).
- Retrieve
Protection stringProfile - Retrieve-Protection-Profile.
- Scopetype string
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - Search
Types List<string> - Search type. Valid values:
nested,recursive. - Secondary
Server string - Secondary LDAP server CN domain name or IP.
- Secure string
- Port to be used for authentication. Valid values:
disable,starttls,ldaps. - Server string
- LDAP server CN domain name or IP.
- Server
Identity stringCheck - Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values:
disable,enable. - Source
Ip string - Source IP for communications to LDAP server.
- Source
Ip List<string>Interfaces - Source interface for communication with the LDAP server.
- Source
Port double - Source-Port.
- Ssl
Max stringProto Version - Ssl-Max-Proto-Version. Valid values:
TLSv1-1,TLSv1-2,SSLv3,TLSv1,TLSv1-3. - Ssl
Min stringProto Version - Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting). Valid values:
default,TLSv1,TLSv1-1,TLSv1-2,SSLv3. - Status
Ttl double - Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
- Tertiary
Server string - Tertiary LDAP server CN domain name or IP.
- Two
Factor string - Enable/disable two-factor authentication. Valid values:
disable,fortitoken-cloud. - Two
Factor stringAuthentication - Authentication method by FortiToken Cloud. Valid values:
fortitoken,email,sms. - Two
Factor stringFilter - Filter used to synchronize users to FortiToken Cloud.
- Two
Factor stringNotification - Notification method for user activation by FortiToken Cloud. Valid values:
email,sms. - Type string
- Authentication type for LDAP searches. Valid values:
simple,anonymous,regular. - User
Info stringExchange Server - MS Exchange server from which to fetch user information.
- Username string
- Username (full DN) for initial binding.
- _
scopes List<ObjectUser Ldap Dynamic Mapping_Scope> - _Scope. The structure of
_scopeblock is documented below.
- Account
Key stringCert Field - Define subject identity field in certificate for user access right checking. Valid values:
othername,rfc822name,dnsname. - Account
Key stringFilter - Account key filter, using the UPN as the search filter.
- Account
Key stringName - Account-Key-Name.
- Account
Key stringProcessing - Account key processing operation, either keep or strip domain string of UPN in the token. Valid values:
same,strip. - Account
Key stringUpn San - Define SAN in certificate for user principle name matching. Valid values:
othername,rfc822name,dnsname. - Adom string
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - Antiphish string
- Antiphish. Valid values:
disable,enable. - Ca
Cert string - CA certificate name.
- Client
Cert stringAuth - Client-Cert-Auth. Valid values:
disable,enable. - Client
Certs []string - Client-Cert.
- Cnid string
- Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
- Dn string
- Distinguished name used to look up entries on the LDAP server.
- Dynamic
Sort stringSubtable - true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- Filter string
- Filter.
- Group string
- Group.
- Group
Filter string - Filter used for group matching.
- Group
Member stringCheck - Group member checking methods. Valid values:
user-attr,group-object,posix-group-object. - Group
Object stringFilter - Filter used for group searching.
- Group
Object stringSearch Base - Group-Object-Search-Base.
- Group
Search stringBase - Search base used for group searching.
- Interface string
- Specify outgoing interface to reach server.
- Interface
Select stringMethod - Specify how to select outgoing interface to reach server. Valid values:
auto,sdwan,specify. - Ldap string
- Ldap.
- Max
Connections float64 - Max-Connections.
- Member
Attr string - Name of attribute from which to get group membership.
- Object
User stringLdap Dynamic Mapping Id - an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
- Obtain
User stringInfo - Enable/disable obtaining of user information. Valid values:
disable,enable. - Password
Attr string - Password-Attr.
- Password
Expiry stringWarning - Enable/disable password expiry warnings. Valid values:
disable,enable. - Password
Renewal string - Enable/disable online password renewal. Valid values:
disable,enable. - Passwords []string
- Password for initial binding.
- Port float64
- Port to be used for communication with the LDAP server (default = 389).
- Retrieve
Protection stringProfile - Retrieve-Protection-Profile.
- Scopetype string
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - Search
Types []string - Search type. Valid values:
nested,recursive. - Secondary
Server string - Secondary LDAP server CN domain name or IP.
- Secure string
- Port to be used for authentication. Valid values:
disable,starttls,ldaps. - Server string
- LDAP server CN domain name or IP.
- Server
Identity stringCheck - Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values:
disable,enable. - Source
Ip string - Source IP for communications to LDAP server.
- Source
Ip []stringInterfaces - Source interface for communication with the LDAP server.
- Source
Port float64 - Source-Port.
- Ssl
Max stringProto Version - Ssl-Max-Proto-Version. Valid values:
TLSv1-1,TLSv1-2,SSLv3,TLSv1,TLSv1-3. - Ssl
Min stringProto Version - Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting). Valid values:
default,TLSv1,TLSv1-1,TLSv1-2,SSLv3. - Status
Ttl float64 - Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
- Tertiary
Server string - Tertiary LDAP server CN domain name or IP.
- Two
Factor string - Enable/disable two-factor authentication. Valid values:
disable,fortitoken-cloud. - Two
Factor stringAuthentication - Authentication method by FortiToken Cloud. Valid values:
fortitoken,email,sms. - Two
Factor stringFilter - Filter used to synchronize users to FortiToken Cloud.
- Two
Factor stringNotification - Notification method for user activation by FortiToken Cloud. Valid values:
email,sms. - Type string
- Authentication type for LDAP searches. Valid values:
simple,anonymous,regular. - User
Info stringExchange Server - MS Exchange server from which to fetch user information.
- Username string
- Username (full DN) for initial binding.
- _
scopes []ObjectUser Ldap Dynamic Mapping_Scope Args - _Scope. The structure of
_scopeblock is documented below.
- _
scopes List<ObjectUser Ldap Dynamic Mapping_Scope> - _Scope. The structure of
_scopeblock is documented below. - account
Key StringCert Field - Define subject identity field in certificate for user access right checking. Valid values:
othername,rfc822name,dnsname. - account
Key StringFilter - Account key filter, using the UPN as the search filter.
- account
Key StringName - Account-Key-Name.
- account
Key StringProcessing - Account key processing operation, either keep or strip domain string of UPN in the token. Valid values:
same,strip. - account
Key StringUpn San - Define SAN in certificate for user principle name matching. Valid values:
othername,rfc822name,dnsname. - adom String
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - antiphish String
- Antiphish. Valid values:
disable,enable. - ca
Cert String - CA certificate name.
- client
Cert StringAuth - Client-Cert-Auth. Valid values:
disable,enable. - client
Certs List<String> - Client-Cert.
- cnid String
- Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
- dn String
- Distinguished name used to look up entries on the LDAP server.
- dynamic
Sort StringSubtable - true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- filter String
- Filter.
- group String
- Group.
- group
Filter String - Filter used for group matching.
- group
Member StringCheck - Group member checking methods. Valid values:
user-attr,group-object,posix-group-object. - group
Object StringFilter - Filter used for group searching.
- group
Object StringSearch Base - Group-Object-Search-Base.
- group
Search StringBase - Search base used for group searching.
- interface
Select StringMethod - Specify how to select outgoing interface to reach server. Valid values:
auto,sdwan,specify. - interface_ String
- Specify outgoing interface to reach server.
- ldap String
- Ldap.
- max
Connections Double - Max-Connections.
- member
Attr String - Name of attribute from which to get group membership.
- object
User StringLdap Dynamic Mapping Id - an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
- obtain
User StringInfo - Enable/disable obtaining of user information. Valid values:
disable,enable. - password
Attr String - Password-Attr.
- password
Expiry StringWarning - Enable/disable password expiry warnings. Valid values:
disable,enable. - password
Renewal String - Enable/disable online password renewal. Valid values:
disable,enable. - passwords List<String>
- Password for initial binding.
- port Double
- Port to be used for communication with the LDAP server (default = 389).
- retrieve
Protection StringProfile - Retrieve-Protection-Profile.
- scopetype String
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - search
Types List<String> - Search type. Valid values:
nested,recursive. - secondary
Server String - Secondary LDAP server CN domain name or IP.
- secure String
- Port to be used for authentication. Valid values:
disable,starttls,ldaps. - server String
- LDAP server CN domain name or IP.
- server
Identity StringCheck - Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values:
disable,enable. - source
Ip String - Source IP for communications to LDAP server.
- source
Ip List<String>Interfaces - Source interface for communication with the LDAP server.
- source
Port Double - Source-Port.
- ssl
Max StringProto Version - Ssl-Max-Proto-Version. Valid values:
TLSv1-1,TLSv1-2,SSLv3,TLSv1,TLSv1-3. - ssl
Min StringProto Version - Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting). Valid values:
default,TLSv1,TLSv1-1,TLSv1-2,SSLv3. - status
Ttl Double - Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
- tertiary
Server String - Tertiary LDAP server CN domain name or IP.
- two
Factor String - Enable/disable two-factor authentication. Valid values:
disable,fortitoken-cloud. - two
Factor StringAuthentication - Authentication method by FortiToken Cloud. Valid values:
fortitoken,email,sms. - two
Factor StringFilter - Filter used to synchronize users to FortiToken Cloud.
- two
Factor StringNotification - Notification method for user activation by FortiToken Cloud. Valid values:
email,sms. - type String
- Authentication type for LDAP searches. Valid values:
simple,anonymous,regular. - user
Info StringExchange Server - MS Exchange server from which to fetch user information.
- username String
- Username (full DN) for initial binding.
- _
scopes ObjectUser Ldap Dynamic Mapping_Scope[] - _Scope. The structure of
_scopeblock is documented below. - account
Key stringCert Field - Define subject identity field in certificate for user access right checking. Valid values:
othername,rfc822name,dnsname. - account
Key stringFilter - Account key filter, using the UPN as the search filter.
- account
Key stringName - Account-Key-Name.
- account
Key stringProcessing - Account key processing operation, either keep or strip domain string of UPN in the token. Valid values:
same,strip. - account
Key stringUpn San - Define SAN in certificate for user principle name matching. Valid values:
othername,rfc822name,dnsname. - adom string
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - antiphish string
- Antiphish. Valid values:
disable,enable. - ca
Cert string - CA certificate name.
- client
Cert stringAuth - Client-Cert-Auth. Valid values:
disable,enable. - client
Certs string[] - Client-Cert.
- cnid string
- Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
- dn string
- Distinguished name used to look up entries on the LDAP server.
- dynamic
Sort stringSubtable - true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- filter string
- Filter.
- group string
- Group.
- group
Filter string - Filter used for group matching.
- group
Member stringCheck - Group member checking methods. Valid values:
user-attr,group-object,posix-group-object. - group
Object stringFilter - Filter used for group searching.
- group
Object stringSearch Base - Group-Object-Search-Base.
- group
Search stringBase - Search base used for group searching.
- interface string
- Specify outgoing interface to reach server.
- interface
Select stringMethod - Specify how to select outgoing interface to reach server. Valid values:
auto,sdwan,specify. - ldap string
- Ldap.
- max
Connections number - Max-Connections.
- member
Attr string - Name of attribute from which to get group membership.
- object
User stringLdap Dynamic Mapping Id - an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
- obtain
User stringInfo - Enable/disable obtaining of user information. Valid values:
disable,enable. - password
Attr string - Password-Attr.
- password
Expiry stringWarning - Enable/disable password expiry warnings. Valid values:
disable,enable. - password
Renewal string - Enable/disable online password renewal. Valid values:
disable,enable. - passwords string[]
- Password for initial binding.
- port number
- Port to be used for communication with the LDAP server (default = 389).
- retrieve
Protection stringProfile - Retrieve-Protection-Profile.
- scopetype string
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - search
Types string[] - Search type. Valid values:
nested,recursive. - secondary
Server string - Secondary LDAP server CN domain name or IP.
- secure string
- Port to be used for authentication. Valid values:
disable,starttls,ldaps. - server string
- LDAP server CN domain name or IP.
- server
Identity stringCheck - Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values:
disable,enable. - source
Ip string - Source IP for communications to LDAP server.
- source
Ip string[]Interfaces - Source interface for communication with the LDAP server.
- source
Port number - Source-Port.
- ssl
Max stringProto Version - Ssl-Max-Proto-Version. Valid values:
TLSv1-1,TLSv1-2,SSLv3,TLSv1,TLSv1-3. - ssl
Min stringProto Version - Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting). Valid values:
default,TLSv1,TLSv1-1,TLSv1-2,SSLv3. - status
Ttl number - Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
- tertiary
Server string - Tertiary LDAP server CN domain name or IP.
- two
Factor string - Enable/disable two-factor authentication. Valid values:
disable,fortitoken-cloud. - two
Factor stringAuthentication - Authentication method by FortiToken Cloud. Valid values:
fortitoken,email,sms. - two
Factor stringFilter - Filter used to synchronize users to FortiToken Cloud.
- two
Factor stringNotification - Notification method for user activation by FortiToken Cloud. Valid values:
email,sms. - type string
- Authentication type for LDAP searches. Valid values:
simple,anonymous,regular. - user
Info stringExchange Server - MS Exchange server from which to fetch user information.
- username string
- Username (full DN) for initial binding.
- _
scopes Sequence[ObjectUser Ldap Dynamic Mapping_Scope Args] - _Scope. The structure of
_scopeblock is documented below. - account_
key_ strcert_ field - Define subject identity field in certificate for user access right checking. Valid values:
othername,rfc822name,dnsname. - account_
key_ strfilter - Account key filter, using the UPN as the search filter.
- account_
key_ strname - Account-Key-Name.
- account_
key_ strprocessing - Account key processing operation, either keep or strip domain string of UPN in the token. Valid values:
same,strip. - account_
key_ strupn_ san - Define SAN in certificate for user principle name matching. Valid values:
othername,rfc822name,dnsname. - adom str
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - antiphish str
- Antiphish. Valid values:
disable,enable. - ca_
cert str - CA certificate name.
- client_
cert_ strauth - Client-Cert-Auth. Valid values:
disable,enable. - client_
certs Sequence[str] - Client-Cert.
- cnid str
- Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
- dn str
- Distinguished name used to look up entries on the LDAP server.
- dynamic_
sort_ strsubtable - true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- filter str
- Filter.
- group str
- Group.
- group_
filter str - Filter used for group matching.
- group_
member_ strcheck - Group member checking methods. Valid values:
user-attr,group-object,posix-group-object. - group_
object_ strfilter - Filter used for group searching.
- group_
object_ strsearch_ base - Group-Object-Search-Base.
- group_
search_ strbase - Search base used for group searching.
- interface str
- Specify outgoing interface to reach server.
- interface_
select_ strmethod - Specify how to select outgoing interface to reach server. Valid values:
auto,sdwan,specify. - ldap str
- Ldap.
- max_
connections float - Max-Connections.
- member_
attr str - Name of attribute from which to get group membership.
- object_
user_ strldap_ dynamic_ mapping_ id - an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
- obtain_
user_ strinfo - Enable/disable obtaining of user information. Valid values:
disable,enable. - password_
attr str - Password-Attr.
- password_
expiry_ strwarning - Enable/disable password expiry warnings. Valid values:
disable,enable. - password_
renewal str - Enable/disable online password renewal. Valid values:
disable,enable. - passwords Sequence[str]
- Password for initial binding.
- port float
- Port to be used for communication with the LDAP server (default = 389).
- retrieve_
protection_ strprofile - Retrieve-Protection-Profile.
- scopetype str
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - search_
types Sequence[str] - Search type. Valid values:
nested,recursive. - secondary_
server str - Secondary LDAP server CN domain name or IP.
- secure str
- Port to be used for authentication. Valid values:
disable,starttls,ldaps. - server str
- LDAP server CN domain name or IP.
- server_
identity_ strcheck - Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values:
disable,enable. - source_
ip str - Source IP for communications to LDAP server.
- source_
ip_ Sequence[str]interfaces - Source interface for communication with the LDAP server.
- source_
port float - Source-Port.
- ssl_
max_ strproto_ version - Ssl-Max-Proto-Version. Valid values:
TLSv1-1,TLSv1-2,SSLv3,TLSv1,TLSv1-3. - ssl_
min_ strproto_ version - Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting). Valid values:
default,TLSv1,TLSv1-1,TLSv1-2,SSLv3. - status_
ttl float - Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
- tertiary_
server str - Tertiary LDAP server CN domain name or IP.
- two_
factor str - Enable/disable two-factor authentication. Valid values:
disable,fortitoken-cloud. - two_
factor_ strauthentication - Authentication method by FortiToken Cloud. Valid values:
fortitoken,email,sms. - two_
factor_ strfilter - Filter used to synchronize users to FortiToken Cloud.
- two_
factor_ strnotification - Notification method for user activation by FortiToken Cloud. Valid values:
email,sms. - type str
- Authentication type for LDAP searches. Valid values:
simple,anonymous,regular. - user_
info_ strexchange_ server - MS Exchange server from which to fetch user information.
- username str
- Username (full DN) for initial binding.
- _
scopes List<Property Map> - _Scope. The structure of
_scopeblock is documented below. - account
Key StringCert Field - Define subject identity field in certificate for user access right checking. Valid values:
othername,rfc822name,dnsname. - account
Key StringFilter - Account key filter, using the UPN as the search filter.
- account
Key StringName - Account-Key-Name.
- account
Key StringProcessing - Account key processing operation, either keep or strip domain string of UPN in the token. Valid values:
same,strip. - account
Key StringUpn San - Define SAN in certificate for user principle name matching. Valid values:
othername,rfc822name,dnsname. - adom String
- Adom. This value is valid only when the
scopetypeisadom, otherwise the value of adom in the provider will be inherited. - antiphish String
- Antiphish. Valid values:
disable,enable. - ca
Cert String - CA certificate name.
- client
Cert StringAuth - Client-Cert-Auth. Valid values:
disable,enable. - client
Certs List<String> - Client-Cert.
- cnid String
- Common name identifier for the LDAP server. The common name identifier for most LDAP servers is "cn".
- dn String
- Distinguished name used to look up entries on the LDAP server.
- dynamic
Sort StringSubtable - true or false, set this parameter to true when using dynamic for_each + toset to configure and sort sub-tables, please do not set this parameter when configuring static sub-tables.
- filter String
- Filter.
- group String
- Group.
- group
Filter String - Filter used for group matching.
- group
Member StringCheck - Group member checking methods. Valid values:
user-attr,group-object,posix-group-object. - group
Object StringFilter - Filter used for group searching.
- group
Object StringSearch Base - Group-Object-Search-Base.
- group
Search StringBase - Search base used for group searching.
- interface String
- Specify outgoing interface to reach server.
- interface
Select StringMethod - Specify how to select outgoing interface to reach server. Valid values:
auto,sdwan,specify. - ldap String
- Ldap.
- max
Connections Number - Max-Connections.
- member
Attr String - Name of attribute from which to get group membership.
- object
User StringLdap Dynamic Mapping Id - an identifier for the resource with format "{{_scope.name}} {{_scope.vdom}}".
- obtain
User StringInfo - Enable/disable obtaining of user information. Valid values:
disable,enable. - password
Attr String - Password-Attr.
- password
Expiry StringWarning - Enable/disable password expiry warnings. Valid values:
disable,enable. - password
Renewal String - Enable/disable online password renewal. Valid values:
disable,enable. - passwords List<String>
- Password for initial binding.
- port Number
- Port to be used for communication with the LDAP server (default = 389).
- retrieve
Protection StringProfile - Retrieve-Protection-Profile.
- scopetype String
- The scope of application of the resource. Valid values:
inherit,adom,global. Theinheritmeans that the scopetype of the provider will be inherited, and adom will also be inherited. The default value isinherit. - search
Types List<String> - Search type. Valid values:
nested,recursive. - secondary
Server String - Secondary LDAP server CN domain name or IP.
- secure String
- Port to be used for authentication. Valid values:
disable,starttls,ldaps. - server String
- LDAP server CN domain name or IP.
- server
Identity StringCheck - Enable/disable LDAP server identity check (verify server domain name/IP address against the server certificate). Valid values:
disable,enable. - source
Ip String - Source IP for communications to LDAP server.
- source
Ip List<String>Interfaces - Source interface for communication with the LDAP server.
- source
Port Number - Source-Port.
- ssl
Max StringProto Version - Ssl-Max-Proto-Version. Valid values:
TLSv1-1,TLSv1-2,SSLv3,TLSv1,TLSv1-3. - ssl
Min StringProto Version - Minimum supported protocol version for SSL/TLS connections (default is to follow system global setting). Valid values:
default,TLSv1,TLSv1-1,TLSv1-2,SSLv3. - status
Ttl Number - Time for which server reachability is cached so that when a server is unreachable, it will not be retried for at least this period of time (0 = cache disabled, default = 300).
- tertiary
Server String - Tertiary LDAP server CN domain name or IP.
- two
Factor String - Enable/disable two-factor authentication. Valid values:
disable,fortitoken-cloud. - two
Factor StringAuthentication - Authentication method by FortiToken Cloud. Valid values:
fortitoken,email,sms. - two
Factor StringFilter - Filter used to synchronize users to FortiToken Cloud.
- two
Factor StringNotification - Notification method for user activation by FortiToken Cloud. Valid values:
email,sms. - type String
- Authentication type for LDAP searches. Valid values:
simple,anonymous,regular. - user
Info StringExchange Server - MS Exchange server from which to fetch user information.
- username String
- Username (full DN) for initial binding.
Supporting Types
ObjectUserLdapDynamicMapping_Scope, ObjectUserLdapDynamicMapping_ScopeArgs
Import
ObjectUser LdapDynamicMapping can be imported using any of these accepted formats:
Set import_options = [“ldap=YOUR_VALUE”] in the provider section.
$ export “FORTIMANAGER_IMPORT_TABLE”=“true”
$ pulumi import fortimanager:index/objectUserLdapDynamicMapping:ObjectUserLdapDynamicMapping labelname {{_scope.name}}.{{_scope.vdom}}
$ unset “FORTIMANAGER_IMPORT_TABLE”
-> Hint: The scopetype and adom for import will directly inherit the scopetype and adom configuration of the provider.
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- fortimanager fortinetdev/terraform-provider-fortimanager
- License
- Notes
- This Pulumi package is based on the
fortimanagerTerraform Provider.
fortimanager 1.13.0 published on Thursday, Mar 13, 2025 by fortinetdev