Raritan / Server Technology Xerus™ PDU JSON-RPC API
LdapManager.idl
1 /* SPDX-License-Identifier: BSD-3-Clause */
2 /*
3  * Copyright 2010 Raritan Inc. All rights reserved.
4  */
5 
6 /** Local and Remote Authentication Management */
7 module auth {
8 
9  /** LDAP server configuration interface */
10  interface LdapManager {
11 
12  /** LDAP server type */
13  enumeration ServerType {
14  ACTIVE_DIRECTORY, ///< Active directory
15  OPEN_LDAP ///< OpenLDAP
16  };
17 
18  /** LDAP server type */
19  enumeration SecurityProtocol {
20  SEC_PROTO_NONE, ///< no security protocol
21  SEC_PROTO_SSL, ///< use SSL
22  SEC_PROTO_STARTTLS ///< use STARTTLS
23  };
24 
25  /** Server settings */
26  structure ServerSettings {
27  string id; ///< Entry ID
28  string server; ///< IP or name of ldap server
29  string adoptSettingsId; ///< Use settings from LDAP server with <ID>
30  ServerType type; ///< Type of LDAP server
31  SecurityProtocol secProto; ///< Security protocol
32  int port; ///< Server port (only for SEC_PROT_NONE and SEC_PROT_STARTTLS)
33  int sslPort; ///< SSL port (only for SEC_PROT_SSL)
34  boolean forceTrustedCert; ///< Enforce trusted certificates
35  boolean allowOffTimeRangeCerts; ///< allow expired and not yet valid certificates
36  string certificate; ///< Certificates
37  string adsDomain; ///< ADS domain
38  boolean useAnonymousBind; ///< use anonymous bind
39  string bindDN; ///< Bind DN
40  string bindPwd; ///< Bind password
41  string searchBaseDN; ///< Base DN for search
42  string loginNameAttr; ///< Login name attribute
43  string userEntryObjClass; ///< User entry object class
44  string userSearchFilter; ///< User search subfilter
45  boolean groupInfoInUserEntry; ///< Group membership info in user entry
46  string groupMemberAttr; ///< Group member attribute
47  string groupEntryObjClass; ///< Group entry object class
48  string groupSearchFilter; ///< Group search subfilter
49  };
50 
51  /**
52  * Get a list of LDAP server settings
53  *
54  * @return list of ServerSettings
55  */
56  vector<ServerSettings> getLdapServers();
57 
58  constant int ERR_CYCLIC_DEP = 1; ///< Cyclic dependency in server list
59  constant int ERR_INVALID_CFG = 2; ///< The server configuration is invalid
60  /**
61  * Sets a list of LDAP servers.
62  * Any existing LDAP Server configuration will be cleared / overwritten.
63  *
64  * @return 0 on success
65  * @return \c ERR_CYCLIC_DEP in case of cyclic dependency
66  * @return \c ERR_INVALID_CFG in case of invalid configuration
67  */
68  int setLdapServers(in vector<ServerSettings> serverList);
69 
70  constant int ERR_SERVER_UNSPECIFIED = 1; ///< Unspecified error
71  constant int ERR_SERVER_UNREACHABLE = 3; ///< LDAP server could not be contacted
72  constant int ERR_AUTHENTICATION_FAILED = 4; ///< User could not be authenticated
73  constant int ERR_NO_ROLES = 5; ///< No roles are defined for the user
74  constant int ERR_NO_KNOWN_ROLES = 6; ///< No known rules are defined for the user
75  /**
76  * Tests an LDAP server configuration.
77  *
78  * @return 0 on success
79  * @return \c ERR_SERVER_UNSPECIFIED an unspecified error occurred
80  * @return \c ERR_INVALID_CFG LDAP server configuration is invalid (reused from setLdapServers)
81  * @return \c ERR_SERVER_UNREACHABLE LDAP server could not be contacted
82  * @return \c ERR_AUTHENTICATION_FAILED user could not be authenticated
83  * @return \c ERR_NO_ROLES no roles are defined for the user
84  * @return \c ERR_NO_KNOWN_ROLES no known roles are defined for the user
85  */
86  int testLdapServer(in string username, in string password, in ServerSettings settings, out string diagMsg);
87 
88  };
89 
90 }
auth::LdapManager
LDAP server configuration interface.
Definition: LdapManager.idl:10
auth::LdapManager::ServerType
ServerType
LDAP server type.
Definition: LdapManager.idl:13
auth::LdapManager::ACTIVE_DIRECTORY
@ ACTIVE_DIRECTORY
Active directory.
Definition: LdapManager.idl:14
auth::LdapManager::getLdapServers
vector< ServerSettings > getLdapServers()
Get a list of LDAP server settings.
auth::LdapManager::SecurityProtocol
SecurityProtocol
LDAP server type.
Definition: LdapManager.idl:19
auth::LdapManager::SEC_PROTO_NONE
@ SEC_PROTO_NONE
no security protocol
Definition: LdapManager.idl:20
auth::LdapManager::SEC_PROTO_SSL
@ SEC_PROTO_SSL
use SSL
Definition: LdapManager.idl:21
auth::LdapManager::setLdapServers
int setLdapServers(in vector< ServerSettings > serverList)
Sets a list of LDAP servers.
auth::LdapManager::testLdapServer
int testLdapServer(in string username, in string password, in ServerSettings settings, out string diagMsg)
Tests an LDAP server configuration.
auth
Local and Remote Authentication Management.
Definition: AuthManager.idl:7
auth::LdapManager::ServerSettings
Server settings.
Definition: LdapManager.idl:26
auth::LdapManager::ServerSettings::id
string id
Entry ID.
Definition: LdapManager.idl:27
auth::LdapManager::ServerSettings::type
ServerType type
Type of LDAP server.
Definition: LdapManager.idl:30
auth::LdapManager::ServerSettings::groupSearchFilter
string groupSearchFilter
Group search subfilter.
Definition: LdapManager.idl:48
auth::LdapManager::ServerSettings::groupMemberAttr
string groupMemberAttr
Group member attribute.
Definition: LdapManager.idl:46
auth::LdapManager::ServerSettings::forceTrustedCert
boolean forceTrustedCert
Enforce trusted certificates.
Definition: LdapManager.idl:34
auth::LdapManager::ServerSettings::userSearchFilter
string userSearchFilter
User search subfilter.
Definition: LdapManager.idl:44
auth::LdapManager::ServerSettings::adoptSettingsId
string adoptSettingsId
Use settings from LDAP server with <ID>
Definition: LdapManager.idl:29
auth::LdapManager::ServerSettings::server
string server
IP or name of ldap server.
Definition: LdapManager.idl:28
auth::LdapManager::ServerSettings::certificate
string certificate
Certificates.
Definition: LdapManager.idl:36
auth::LdapManager::ServerSettings::groupInfoInUserEntry
boolean groupInfoInUserEntry
Group membership info in user entry.
Definition: LdapManager.idl:45
auth::LdapManager::ServerSettings::groupEntryObjClass
string groupEntryObjClass
Group entry object class.
Definition: LdapManager.idl:47
auth::LdapManager::ServerSettings::port
int port
Server port (only for SEC_PROT_NONE and SEC_PROT_STARTTLS)
Definition: LdapManager.idl:32
auth::LdapManager::ServerSettings::bindDN
string bindDN
Bind DN.
Definition: LdapManager.idl:39
auth::LdapManager::ServerSettings::allowOffTimeRangeCerts
boolean allowOffTimeRangeCerts
allow expired and not yet valid certificates
Definition: LdapManager.idl:35
auth::LdapManager::ServerSettings::sslPort
int sslPort
SSL port (only for SEC_PROT_SSL)
Definition: LdapManager.idl:33
auth::LdapManager::ServerSettings::loginNameAttr
string loginNameAttr
Login name attribute.
Definition: LdapManager.idl:42
auth::LdapManager::ServerSettings::bindPwd
string bindPwd
Bind password.
Definition: LdapManager.idl:40
auth::LdapManager::ServerSettings::adsDomain
string adsDomain
ADS domain.
Definition: LdapManager.idl:37
auth::LdapManager::ServerSettings::userEntryObjClass
string userEntryObjClass
User entry object class.
Definition: LdapManager.idl:43
auth::LdapManager::ServerSettings::useAnonymousBind
boolean useAnonymousBind
use anonymous bind
Definition: LdapManager.idl:38
auth::LdapManager::ServerSettings::searchBaseDN
string searchBaseDN
Base DN for search.
Definition: LdapManager.idl:41
auth::LdapManager::ServerSettings::secProto
SecurityProtocol secProto
Security protocol.
Definition: LdapManager.idl:31
Generated on Wed Mar 8 2023 12:37:09 for Raritan / Server Technology Xerus™ PDU JSON-RPC API by doxygen 1.9.1