domains_ldapssettings
Creates, updates, deletes, gets or lists a domains_ldapssettings resource.
Overview
| Name | domains_ldapssettings |
| Type | Resource |
| Id | google.managedidentities.domains_ldapssettings |
Fields
| Name | Datatype | Description |
|---|---|---|
name | string | The resource name of the LDAPS settings. Uses the form: projects/{project}/locations/{location}/domains/{domain}. |
certificate | object | Certificate used to configure LDAPS. |
certificatePassword | string | Input only. The password used to encrypt the uploaded PFX certificate. |
certificatePfx | string | Input only. The uploaded PKCS12-formatted certificate to configure LDAPS with. It will enable the domain controllers in this domain to accept LDAPS connections (either LDAP over SSL/TLS or the StartTLS operation). A valid certificate chain must form a valid x.509 certificate chain (or be comprised of a single self-signed certificate. It must be encrypted with either: 1) PBES2 + PBKDF2 + AES256 encryption and SHA256 PRF; or 2) pbeWithSHA1And3-KeyTripleDES-CBC Private key must be included for the leaf / single self-signed certificate. Note: For a fqdn your-example-domain.com, the wildcard fqdn is *.your-example-domain.com. Specifically the leaf certificate must have: - Either a blank subject or a subject with CN matching the wildcard fqdn. - Exactly two SANs - the fqdn and wildcard fqdn. - Encipherment and digital key signature key usages. - Server authentication extended key usage (OID=1.3.6.1.5.5.7.3.1) - Private key must be in one of the following formats: RSA, ECDSA, ED25519. - Private key must have appropriate key length: 2048 for RSA, 256 for ECDSA - Signature algorithm of the leaf certificate cannot be MD2, MD5 or SHA1. |
state | string | Output only. The current state of this LDAPS settings. |
updateTime | string | Output only. Last update time. |
Methods
| Name | Accessible by | Required Params | Description |
|---|---|---|---|
get_ldapssettings | SELECT | domainsId, projectsId | Gets the domain ldaps settings. |
update_ldapssettings | UPDATE | domainsId, projectsId | Patches a single ldaps settings. |
SELECT examples
Gets the domain ldaps settings.
SELECT
name,
certificate,
certificatePassword,
certificatePfx,
state,
updateTime
FROM google.managedidentities.domains_ldapssettings
WHERE domainsId = '{{ domainsId }}'
AND projectsId = '{{ projectsId }}';
UPDATE example
Updates a domains_ldapssettings resource.
/*+ update */
UPDATE google.managedidentities.domains_ldapssettings
SET
name = '{{ name }}',
certificatePfx = '{{ certificatePfx }}',
certificatePassword = '{{ certificatePassword }}'
WHERE
domainsId = '{{ domainsId }}'
AND projectsId = '{{ projectsId }}';