Freigeben über


ActiveDirectory interface

Active Directory

Properties

activeDirectoryId

Id of the Active Directory

administrators

Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier

adName

Name of the active directory machine. This optional parameter is used only while creating kerberos volume

aesEncryption

If enabled, AES encryption will be enabled for SMB communication.

allowLocalNfsUsersWithLdap

If enabled, NFS client local users can also (in addition to LDAP users) access the NFS volumes.

backupOperators

Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier

dns

Comma separated list of DNS server IP addresses (IPv4 only) for the Active Directory domain

domain

Name of the Active Directory domain

encryptDCConnections

If enabled, Traffic between the SMB server to Domain Controller (DC) will be encrypted.

kdcIP

kdc server IP addresses for the active directory machine. This optional parameter is used only while creating kerberos volume.

ldapOverTLS

Specifies whether or not the LDAP traffic needs to be secured via TLS.

ldapSearchScope

LDAP Search scope options

ldapSigning

Specifies whether or not the LDAP traffic needs to be signed.

organizationalUnit

The Organizational Unit (OU) within the Windows Active Directory

password

Plain text password of Active Directory domain administrator, value is masked in the response

preferredServersForLdapClient

Comma separated list of IPv4 addresses of preferred servers for LDAP client. At most two comma separated IPv4 addresses can be passed.

securityOperators

Domain Users in the Active directory to be given SeSecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier

serverRootCACertificate

When LDAP over SSL/TLS is enabled, the LDAP client is required to have base64 encoded Active Directory Certificate Service's self-signed root CA certificate, this optional parameter is used only for dual protocol with LDAP user-mapping volumes.

site

The Active Directory site the service will limit Domain Controller discovery to

smbServerName

NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes

status

Status of the Active Directory NOTE: This property will not be serialized. It can only be populated by the server.

statusDetails

Any details in regards to the Status of the Active Directory NOTE: This property will not be serialized. It can only be populated by the server.

username

A domain user account with permission to create machine accounts

Property Details

activeDirectoryId

Id of the Active Directory

activeDirectoryId?: string

Property Value

string

administrators

Users to be added to the Built-in Administrators active directory group. A list of unique usernames without domain specifier

administrators?: string[]

Property Value

string[]

adName

Name of the active directory machine. This optional parameter is used only while creating kerberos volume

adName?: string

Property Value

string

aesEncryption

If enabled, AES encryption will be enabled for SMB communication.

aesEncryption?: boolean

Property Value

boolean

allowLocalNfsUsersWithLdap

If enabled, NFS client local users can also (in addition to LDAP users) access the NFS volumes.

allowLocalNfsUsersWithLdap?: boolean

Property Value

boolean

backupOperators

Users to be added to the Built-in Backup Operator active directory group. A list of unique usernames without domain specifier

backupOperators?: string[]

Property Value

string[]

dns

Comma separated list of DNS server IP addresses (IPv4 only) for the Active Directory domain

dns?: string

Property Value

string

domain

Name of the Active Directory domain

domain?: string

Property Value

string

encryptDCConnections

If enabled, Traffic between the SMB server to Domain Controller (DC) will be encrypted.

encryptDCConnections?: boolean

Property Value

boolean

kdcIP

kdc server IP addresses for the active directory machine. This optional parameter is used only while creating kerberos volume.

kdcIP?: string

Property Value

string

ldapOverTLS

Specifies whether or not the LDAP traffic needs to be secured via TLS.

ldapOverTLS?: boolean

Property Value

boolean

ldapSearchScope

LDAP Search scope options

ldapSearchScope?: LdapSearchScopeOpt

Property Value

ldapSigning

Specifies whether or not the LDAP traffic needs to be signed.

ldapSigning?: boolean

Property Value

boolean

organizationalUnit

The Organizational Unit (OU) within the Windows Active Directory

organizationalUnit?: string

Property Value

string

password

Plain text password of Active Directory domain administrator, value is masked in the response

password?: string

Property Value

string

preferredServersForLdapClient

Comma separated list of IPv4 addresses of preferred servers for LDAP client. At most two comma separated IPv4 addresses can be passed.

preferredServersForLdapClient?: string

Property Value

string

securityOperators

Domain Users in the Active directory to be given SeSecurityPrivilege privilege (Needed for SMB Continuously available shares for SQL). A list of unique usernames without domain specifier

securityOperators?: string[]

Property Value

string[]

serverRootCACertificate

When LDAP over SSL/TLS is enabled, the LDAP client is required to have base64 encoded Active Directory Certificate Service's self-signed root CA certificate, this optional parameter is used only for dual protocol with LDAP user-mapping volumes.

serverRootCACertificate?: string

Property Value

string

site

The Active Directory site the service will limit Domain Controller discovery to

site?: string

Property Value

string

smbServerName

NetBIOS name of the SMB server. This name will be registered as a computer account in the AD and used to mount volumes

smbServerName?: string

Property Value

string

status

Status of the Active Directory NOTE: This property will not be serialized. It can only be populated by the server.

status?: string

Property Value

string

statusDetails

Any details in regards to the Status of the Active Directory NOTE: This property will not be serialized. It can only be populated by the server.

statusDetails?: string

Property Value

string

username

A domain user account with permission to create machine accounts

username?: string

Property Value

string