
AD/LDAP Realm

Location in GUI: Integrations » Realms » Active Directory/LDAP

| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| ad_ldap_realms | List | [ad_ldap_realms] | No | |

| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| name | String | | Yes | |
| realm_type | Choice | AD, LDAP | Yes | |
| base_dn | String | | Yes | |
| group_dn | String | | Yes | |
| directory_username | String | | Yes | |
| directory_password | String | | Yes | |
| directory_servers | List | [directory_servers] | Yes | |
| ad_join_password | String | | No | |
| ad_join_username | String | | No | |
| ad_primary_domain | String | | No | |
| description | String | max: 255 | No | |
| enabled | Boolean | true, false | No | true |
| excluded_groups | List | String | No | |
| excluded_users | List | String | No | |
| group_attribute | Any | Choice[uniqueMember, member] or String | No | uniqueMember |
| included_groups | List | String | No | |
| included_users | List | String | No | |
| timeout_captive_portal_users | Integer | min: 0, max: 35791394 | No | 1440 |
| timeout_failed_captive_portal_users | Integer | min: 0, max: 35791394 | No | 1440 |
| timeout_guest_captive_portal_users | Integer | min: 0, max: 35791394 | No | 1440 |
| timeout_ise_and_passive_indentity_users | Integer | min: 0, max: 35791394 | No | 1440 |
| timeout_terminal_server_agent_users | Integer | min: 0, max: 35791394 | No | 1440 |
| update_hour | Integer | min: 0, max: 23 | No | 0 |
| update_interval | Choice | 1, 2, 3, 4, 6, 8, 12, 24 | No | 24 |

directory_servers (fmc.domains.integrations.ad_ldap_realms)

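| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| hostname | String | | Yes | |
| port | Integer | min: 1, max: 65535 | Yes | |
| encryption_protocol | Choice | NONE, LDAPS, STARTTLS | Yes | |
| ca_certificate | String | | No | |
| interface_group | String | | No | |
| use_routing_to_select_interface | Boolean | true, false | No | |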

```yaml
fmc:
  domains:
    - name: Global
      integrations:
        ad_ldap_realms:
          - name: MyADLDAPRealmName1
            realm_type: LDAP
            base_dn: "dc=example,dc=com"
            group_dn: "ou=Groups,dc=example,dc=com"
            directory_username: DirectoryUser
            directory_password: DirectoryPassword
            directory_servers:
              - hostname: ldap1.example.com
                port: 389
                encryption_protocol: NONE
              - hostname: ldap2.example.com
                port: 389
                encryption_protocol: NONE
```
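
The example above reaches both directory servers on port 389 with `encryption_protocol: NONE`. The following Python check is an added example, not part of the original documentation or the project's own code: it applies the constraints from the tables above to realm entries (already parsed into dicts) and flags servers whose bind is not protected by TLS. The severity levels, the `make_realm` helper, the `ConstructedTlsRealm` name and the `ConstructedCaName` value are assumptions.

```python
# Added example; constraints are from this page's tables, severities are an assumed policy.
REALM_KEYS = ("name", "realm_type", "base_dn", "group_dn", "directory_username",
              "directory_password", "directory_servers")
SERVER_KEYS = ("hostname", "port", "encryption_protocol")
PROTOCOLS = ("NONE", "LDAPS", "STARTTLS")

def lint_realm(realm):
    """Return (severity, message) findings for one realm dict."""
    name = realm.get("name", "<unnamed>")
    out = [("error", f"{name}: missing mandatory key {k}")
           for k in REALM_KEYS if k not in realm]
    if realm.get("realm_type") not in ("AD", "LDAP"):
        out.append(("error", f"{name}: realm_type must be AD or LDAP"))
    for srv in realm.get("directory_servers", []):
        where = f"{name}/{srv.get('hostname', '<no hostname>')}"
        out += [("error", f"{where}: missing mandatory key {k}")
                for k in SERVER_KEYS if k not in srv]
        port, proto = srv.get("port"), srv.get("encryption_protocol")
        if isinstance(port, int) and not 1 <= port <= 65535:
            out.append(("error", f"{where}: port {port} outside 1-65535"))
        if proto is not None and proto not in PROTOCOLS:
            out.append(("error", f"{where}: unknown encryption_protocol {proto}"))
        elif proto == "NONE":
            # An LDAP simple bind without TLS carries directory_password in cleartext.
            out.append(("high", f"{where}: encryption_protocol NONE, bind is not protected by TLS"))
        elif proto in ("LDAPS", "STARTTLS") and not srv.get("ca_certificate"):
            out.append(("medium", f"{where}: {proto} set but no ca_certificate given"))
    return out

def make_realm(name, servers):
    """Build a constructed realm dict using the page's example values (hypothetical helper)."""
    return {"name": name, "realm_type": "LDAP", "base_dn": "dc=example,dc=com",
            "group_dn": "ou=Groups,dc=example,dc=com",
            "directory_username": "DirectoryUser",
            "directory_password": "DirectoryPassword", "directory_servers": servers}

# Constructed samples: the first mirrors the example on this page, the second uses TLS.
PAGE_EXAMPLE = make_realm("MyADLDAPRealmName1", [
    {"hostname": "ldap1.example.com", "port": 389, "encryption_protocol": "NONE"},
    {"hostname": "ldap2.example.com", "port": 389, "encryption_protocol": "NONE"}])
TLS_VARIANT = make_realm("ConstructedTlsRealm", [
    {"hostname": "ldap1.example.com", "port": 636, "encryption_protocol": "LDAPS",
     "ca_certificate": "ConstructedCaName"},
    {"hostname": "ldap2.example.com", "port": 389, "encryption_protocol": "STARTTLS"}])

if __name__ == "__main__":
    for r in (PAGE_EXAMPLE, TLS_VARIANT):
        for severity, message in lint_realm(r):
            print(f"{severity.upper():6} {message}")
```

Run against the parsed `ad_ldap_realms` list in a pipeline step, a non-empty `high` or `error` result can gate the deployment.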