Optional. The metadata of the LDAP server used to authenticate and authorize connections to the broker.
Does not apply to RabbitMQ brokers.
",
"type": "object",
"properties": {
"Hosts": {
"allOf": [
{
"$ref": "#/components/schemas/__listOf__string"
},
{
"xml": {
"name": "hosts"
},
"description": "Specifies the location of the LDAP server such as AWS Directory Service for Microsoft Active Directory . Optional failover server."
}
]
},
"RoleBase": {
"allOf": [
{
"$ref": "#/components/schemas/__string"
},
{
"xml": {
"name": "roleBase"
},
"description": "The distinguished name of the node in the directory information tree (DIT) to search for roles or groups. For example, ou=group, ou=corp, dc=corp,\n dc=example, dc=com."
}
]
},
"RoleName": {
"allOf": [
{
"$ref": "#/components/schemas/__string"
},
{
"xml": {
"name": "roleName"
},
"description": "Specifies the LDAP attribute that identifies the group name attribute in the object returned from the group membership query."
}
]
},
"RoleSearchMatching": {
"allOf": [
{
"$ref": "#/components/schemas/__string"
},
{
"xml": {
"name": "roleSearchMatching"
},
"description": "The LDAP search filter used to find roles within the roleBase. The distinguished name of the user matched by userSearchMatching is substituted into the {0} placeholder in the search filter. The client's username is substituted into the {1} placeholder. For example, if you set this option to (member=uid={1})for the user janedoe, the search filter becomes (member=uid=janedoe) after string substitution. It matches all role entries that have a member attribute equal to uid=janedoe under the subtree selected by the roleBase."
}
]
},
"RoleSearchSubtree": {
"allOf": [
{
"$ref": "#/components/schemas/__boolean"
},
{
"xml": {
"name": "roleSearchSubtree"
},
"description": "The directory search scope for the role. If set to true, scope is to search the entire subtree."
}
]
},
"ServiceAccountPassword": {
"allOf": [
{
"$ref": "#/components/schemas/__string"
},
{
"xml": {
"name": "serviceAccountPassword"
},
"description": "Service account password. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example,\n dc=com."
}
]
},
"ServiceAccountUsername": {
"allOf": [
{
"$ref": "#/components/schemas/__string"
},
{
"xml": {
"name": "serviceAccountUsername"
},
"description": "Service account username. A service account is an account in your LDAP server that has access to initiate a connection. For example, cn=admin,dc=corp, dc=example,\n dc=com."
}
]
},
"UserBase": {
"allOf": [
{
"$ref": "#/components/schemas/__string"
},
{
"xml": {
"name": "userBase"
},
"description": "Select a particular subtree of the directory information tree (DIT) to search for user entries. The subtree is specified by a DN, which specifies the base node of the subtree. For example, by setting this option to ou=Users,ou=corp, dc=corp,\n dc=example, dc=com, the search for user entries is restricted to the subtree beneath ou=Users, ou=corp, dc=corp, dc=example, dc=com."
}
]
},
"UserRoleName": {
"allOf": [
{
"$ref": "#/components/schemas/__string"
},
{
"xml": {
"name": "userRoleName"
},
"description": "Specifies the name of the LDAP attribute for the user group membership."
}
]
},
"UserSearchMatching": {
"allOf": [
{
"$ref": "#/components/schemas/__string"
},
{
"xml": {
"name": "userSearchMatching"
},
"description": "The LDAP search filter used to find users within the userBase. The client's username is substituted into the {0} placeholder in the search filter. For example, if this option is set to (uid={0}) and the received username is janedoe, the search filter becomes (uid=janedoe) after string substitution. It will result in matching an entry like uid=janedoe, ou=Users,ou=corp, dc=corp, dc=example,\n dc=com."
}
]
},
"UserSearchSubtree": {
"allOf": [
{
"$ref": "#/components/schemas/__boolean"
},
{
"xml": {
"name": "userSearchSubtree"
},
"description": "The directory search scope for the user. If set to true, scope is to search the entire subtree."
}
]
}
},
"required": [
"Hosts",
"UserSearchMatching",
"UserBase",
"RoleSearchMatching",
"ServiceAccountUsername",
"RoleBase",
"ServiceAccountPassword"
]
}