ActiveDirectory interface
Active Directory
Properties
| active |
Id of the Active Directory |
| administrators | Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier |
| ad |
Name of the active directory machine. This optional parameter is used only while creating kerberos volume |
| aes |
If enabled, AES encryption will be enabled for SMB communication. |
| allow |
If enabled, NFS client local users can also (in addition to LDAP users) access the NFS volumes. |
| backup |
Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier |
| dns | Comma separated list of DNS server IP addresses (IPv4 only) for the Active Directory domain |
| domain | Name of the Active Directory domain |
| encrypt |
If enabled, Traffic between the SMB server to Domain Controller (DC) will be encrypted. |
| kdcIP | kdc server IP address for the active directory machine. This optional parameter is used only while creating kerberos volume. |
| ldap |
Specifies whether or not the LDAP traffic needs to be secured via TLS. |
| ldap |
LDAP Search scope options |
| ldap |
Specifies whether or not the LDAP traffic needs to be signed. |
| organizational |
The Organizational Unit (OU) within the Windows Active Directory |
| password | Plain text password of Active Directory domain administrator, value is masked in the response |
| preferred |
Comma separated list of IPv4 addresses of preferred servers for LDAP client. At most two comma separated IPv4 addresses can be passed. |
| security |
Domain Users in the Active directory to be given SeSecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier |
| server |
When LDAP over SSL/TLS is enabled, the LDAP client is required to have base64 encoded Active Directory Certificate Service's self-signed root CA certificate, this optional parameter is used only for dual protocol with LDAP user-mapping volumes. |
| site | The Active Directory site the service will limit Domain Controller discovery to |
| smb |
NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes |
| status | Status of the Active Directory NOTE: This property will not be serialized. It can only be populated by the server. |
| status |
Any details in regards to the Status of the Active Directory NOTE: This property will not be serialized. It can only be populated by the server. |
| username | A domain user account with permission to create machine accounts |
Property Details
activeDirectoryId
Id of the Active Directory
activeDirectoryId?: stringProperty Value
string
administrators
Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier
administrators?: string[]Property Value
string[]
adName
Name of the active directory machine. This optional parameter is used only while creating kerberos volume
adName?: stringProperty Value
string
aesEncryption
If enabled, AES encryption will be enabled for SMB communication.
aesEncryption?: booleanProperty Value
boolean
allowLocalNfsUsersWithLdap
If enabled, NFS client local users can also (in addition to LDAP users) access the NFS volumes.
allowLocalNfsUsersWithLdap?: booleanProperty Value
boolean
backupOperators
Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier
backupOperators?: string[]Property Value
string[]
dns
Comma separated list of DNS server IP addresses (IPv4 only) for the Active Directory domain
dns?: stringProperty Value
string
domain
Name of the Active Directory domain
domain?: stringProperty Value
string
encryptDCConnections
If enabled, Traffic between the SMB server to Domain Controller (DC) will be encrypted.
encryptDCConnections?: booleanProperty Value
boolean
kdcIP
kdc server IP address for the active directory machine. This optional parameter is used only while creating kerberos volume.
kdcIP?: stringProperty Value
string
ldapOverTLS
Specifies whether or not the LDAP traffic needs to be secured via TLS.
ldapOverTLS?: booleanProperty Value
boolean
ldapSearchScope
ldapSigning
Specifies whether or not the LDAP traffic needs to be signed.
ldapSigning?: booleanProperty Value
boolean
organizationalUnit
The Organizational Unit (OU) within the Windows Active Directory
organizationalUnit?: stringProperty Value
string
password
Plain text password of Active Directory domain administrator, value is masked in the response
password?: stringProperty Value
string
preferredServersForLdapClient
Comma separated list of IPv4 addresses of preferred servers for LDAP client. At most two comma separated IPv4 addresses can be passed.
preferredServersForLdapClient?: stringProperty Value
string
securityOperators
Domain Users in the Active directory to be given SeSecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier
securityOperators?: string[]Property Value
string[]
serverRootCACertificate
When LDAP over SSL/TLS is enabled, the LDAP client is required to have base64 encoded Active Directory Certificate Service's self-signed root CA certificate, this optional parameter is used only for dual protocol with LDAP user-mapping volumes.
serverRootCACertificate?: stringProperty Value
string
site
The Active Directory site the service will limit Domain Controller discovery to
site?: stringProperty Value
string
smbServerName
NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes
smbServerName?: stringProperty Value
string
status
Status of the Active Directory NOTE: This property will not be serialized. It can only be populated by the server.
status?: stringProperty Value
string
statusDetails
Any details in regards to the Status of the Active Directory NOTE: This property will not be serialized. It can only be populated by the server.
statusDetails?: stringProperty Value
string
username
A domain user account with permission to create machine accounts
username?: stringProperty Value
string