STATE_DISABLEDSTATE_ENABLEDLDAP_SSO_OPTION_UNKNOWNLDAP_SSO_OPTION_OFFLDAP_SSO_OPTION_ONLDAP_SSL_OPTION_NONELDAP_SSL_OPTION_ONLDAP_SSL_OPTION_UNKNOWNLDAP_SEARCH_SCOPE_BASELDAP_SEARCH_SCOPE_ONE_LEVELLDAP_SEARCH_SCOPE_SUBTREELDAP_SEARCH_SCOPE_UNKNOWN
Gets a list of all CertLDAP configurations.
Creates the specified CertLDAP configurations.
The key must be specified as "system-auth".
Creates the default authentication CertLDAP configuration.
Creates the default authentication Active Directory configuration.
Deletes the specified CertLDAP configurations.
Deletes all CertLDAP configurations.
Sets the states indicating whether syslog debugging is enabled/disabled.
Gets the states indicating whether syslog debugging is enabled/disabled.
Sets the states indicating whether to ignore errors when authentication information is unavailable.
Gets the states indicating whether to ignore errors when authentication information is unavailable.
Sets the states indicating whether to enable/disable warning messages.
Gets the states indicating whether to enable/disable warning messages.
Sets the ports used by the LDAP servers to listen for requests.
Gets the ports used by the LDAP servers to listen for requests.
Sets the CertLDAP SSL options used by the CertLDAP configurations.
Gets the CertLDAP SSL options used by the CertLDAP configurations.
Sets the states indicating whether to require and verify server certificate.
Gets the states indicating whether to require and verify server certificate.
Sets the CA certificate file objects used in server certificate
verification for a set of CertLDAP authentication configurations.
See the Management::KeyCertificate interface for certificate file
object management.
Gets the CA certificate file object names used in server
certificate verification for a set of CertLDAP authentication
configurations.
See the Management::KeyCertificate interface for certificate file
object management.
Sets the SSL cipher suite used by the CertLDAP configurations.
Gets the SSL cipher suite used by the CertLDAP configurations.
Sets the client key file objects used by a set of CertLDAP
authentication configurations.
See the Management::KeyCertificate interface for certificate file
object management.
Gets the client key file objects used by a set of CertLDAP
authentication configurations.
See the Management::KeyCertificate interface for certificate file
object management.
Sets the client certificate file objects used by a set of CertLDAP
authentication configurations.
See the Management::KeyCertificate interface for certificate file
object management.
Gets the client certificate file objects used by a set of CertLDAP
authentication configurations.
See the Management::KeyCertificate interface for certificate file
object management.
Sets the distinguished names of the search bases used by the CertLDAP configurations.
Gets the distinguished names of the search bases used by the CertLDAP configurations.
Sets the LDAP versions to use by the CertLDAP configurations.
Gets the LDAP versions to use by the CertLDAP configurations.
Sets the distinguished names used to bind to the servers. Default is to bind anonymously.
Gets the distinguished names used to bind to the servers. Default is to bind anonymously.
Sets the credentials used to bind to the servers. Default is to bind with no credentials.
Gets the credentials used to bind to the servers. Default is to bind with no credentials.
Sets the search scopes used by the CertLDAP configurations.
Gets the search scopes used by the CertLDAP configurations.
Sets the search time limits in seconds. This is the time to wait for the search to complete.
Gets the search time limits in seconds. This is the time to wait for the search to complete.
Sets the bind time limits in seconds. This is the time to wait for the bind to complete.
Gets the bind time limits in seconds. This is the time to wait for the bind to complete.
Sets the idle time limits in seconds. This client will close connections if the server has not
been contacted for the number of seconds specified by this value.
Gets the idle time limits in seconds. This client will close connections if the server has not
been contacted for the number of seconds specified by this value.
Sets the filter strings used by the specified CertLDAP configurations.
Gets the filter strings used by the specified CertLDAP configurations.
Sets the states indicating whether to check the 'host' attribute for access control. Default is no;
if set to yes, and user has no value for the host attribute, and pam_ldap is configured for account
management (authorization) then the user will not be allowed to login.
Gets the states indicating whether to check the 'host' attribute for access control. Default is no;
if set to yes, and user has no value for the host attribute, and pam_ldap is configured for account
management (authorization) then the user will not be allowed to login.
Sets the states indicating whether to check the membership
attribute in groups given in remote-role definitions for
access control. Default is no; if set to yes, and user does
not belong to any groups given in the remote-role
definitions, and pam_ldap is configured for account
management (authorization) then the user will only be able
to log in using the default remote-role, which can be set
to deny access.
Gets the states indicating whether to check the membership
attribute in groups given in remote-role definitions for
access control.
Sets the login attributes used by the specified CertLDAP configurations.
Gets the login attributes used by the specified CertLDAP configurations.
Gets the lists of servers the specified CertLDAP configurations are associated with.
Adds/associates servers to the specified CertLDAP configurations.
Removes servers from the specified CertLDAP configurations.
Sets the CertLDAP SSO options used by the CertLDAP configurations.
Enabling SSO modifies the httpd configuration object to enable client certificate validation.
Make sure your environment is setup to supply client certificate on request from BIG-IP system,
or your client will be unable to access the BIG-IP.
Gets the CertLDAP SSO options used by the CertLDAP configurations.
Sets the SSO login name attribute used by the specified CertLDAP configurations.
Gets the SSO login name attribute used by the specified CertLDAP configurations.
Sets the SSO login filter used by the specified CertLDAP configurations.
This filter extracts substring from login name attribute value.
Gets the SSO login filter attribute used by the specified CertLDAP configurations.
Sets the description for a set of CertLDAP configurations.
This is an arbitrary field which can be used for any purpose.
Gets the descriptions for a set of CertLDAP configurations.
Gets the version information for this interface.
Gets a list of all CertLDAP configurations.
Creates the specified CertLDAP configurations.
The key must be specified as "system-auth".
Creates the default authentication CertLDAP configuration.
Creates the default authentication Active Directory configuration.
Deletes the specified CertLDAP configurations.
Deletes all CertLDAP configurations.
Sets the states indicating whether syslog debugging is enabled/disabled.
Gets the states indicating whether syslog debugging is enabled/disabled.
Sets the states indicating whether to ignore errors when authentication information is unavailable.
Gets the states indicating whether to ignore errors when authentication information is unavailable.
Sets the states indicating whether to enable/disable warning messages.
Gets the states indicating whether to enable/disable warning messages.
Sets the ports used by the LDAP servers to listen for requests.
Gets the ports used by the LDAP servers to listen for requests.
Sets the CertLDAP SSL options used by the CertLDAP configurations.
Gets the CertLDAP SSL options used by the CertLDAP configurations.
Sets the states indicating whether to require and verify server certificate.
Gets the states indicating whether to require and verify server certificate.
Sets the CA certificate file objects used in server certificate
verification for a set of CertLDAP authentication configurations.
See the Management::KeyCertificate interface for certificate file
object management.
Gets the CA certificate file object names used in server
certificate verification for a set of CertLDAP authentication
configurations.
See the Management::KeyCertificate interface for certificate file
object management.
Sets the SSL cipher suite used by the CertLDAP configurations.
Gets the SSL cipher suite used by the CertLDAP configurations.
Sets the client key file objects used by a set of CertLDAP
authentication configurations.
See the Management::KeyCertificate interface for certificate file
object management.
Gets the client key file objects used by a set of CertLDAP
authentication configurations.
See the Management::KeyCertificate interface for certificate file
object management.
Sets the client certificate file objects used by a set of CertLDAP
authentication configurations.
See the Management::KeyCertificate interface for certificate file
object management.
Gets the client certificate file objects used by a set of CertLDAP
authentication configurations.
See the Management::KeyCertificate interface for certificate file
object management.
Sets the distinguished names of the search bases used by the CertLDAP configurations.
Gets the distinguished names of the search bases used by the CertLDAP configurations.
Sets the LDAP versions to use by the CertLDAP configurations.
Gets the LDAP versions to use by the CertLDAP configurations.
Sets the distinguished names used to bind to the servers. Default is to bind anonymously.
Gets the distinguished names used to bind to the servers. Default is to bind anonymously.
Sets the credentials used to bind to the servers. Default is to bind with no credentials.
Gets the credentials used to bind to the servers. Default is to bind with no credentials.
Sets the search scopes used by the CertLDAP configurations.
Gets the search scopes used by the CertLDAP configurations.
Sets the search time limits in seconds. This is the time to wait for the search to complete.
Gets the search time limits in seconds. This is the time to wait for the search to complete.
Sets the bind time limits in seconds. This is the time to wait for the bind to complete.
Gets the bind time limits in seconds. This is the time to wait for the bind to complete.
Sets the idle time limits in seconds. This client will close connections if the server has not
been contacted for the number of seconds specified by this value.
Gets the idle time limits in seconds. This client will close connections if the server has not
been contacted for the number of seconds specified by this value.
Sets the filter strings used by the specified CertLDAP configurations.
Gets the filter strings used by the specified CertLDAP configurations.
Sets the states indicating whether to check the 'host' attribute for access control. Default is no;
if set to yes, and user has no value for the host attribute, and pam_ldap is configured for account
management (authorization) then the user will not be allowed to login.
Gets the states indicating whether to check the 'host' attribute for access control. Default is no;
if set to yes, and user has no value for the host attribute, and pam_ldap is configured for account
management (authorization) then the user will not be allowed to login.
Sets the states indicating whether to check the membership
attribute in groups given in remote-role definitions for
access control. Default is no; if set to yes, and user does
not belong to any groups given in the remote-role
definitions, and pam_ldap is configured for account
management (authorization) then the user will only be able
to log in using the default remote-role, which can be set
to deny access.
Gets the states indicating whether to check the membership
attribute in groups given in remote-role definitions for
access control.
Sets the login attributes used by the specified CertLDAP configurations.
Gets the login attributes used by the specified CertLDAP configurations.
Gets the lists of servers the specified CertLDAP configurations are associated with.
Adds/associates servers to the specified CertLDAP configurations.
Removes servers from the specified CertLDAP configurations.
Sets the CertLDAP SSO options used by the CertLDAP configurations.
Enabling SSO modifies the httpd configuration object to enable client certificate validation.
Make sure your environment is setup to supply client certificate on request from BIG-IP system,
or your client will be unable to access the BIG-IP.
Gets the CertLDAP SSO options used by the CertLDAP configurations.
Sets the SSO login name attribute used by the specified CertLDAP configurations.
Gets the SSO login name attribute used by the specified CertLDAP configurations.
Sets the SSO login filter used by the specified CertLDAP configurations.
This filter extracts substring from login name attribute value.
Gets the SSO login filter attribute used by the specified CertLDAP configurations.
Sets the description for a set of CertLDAP configurations.
This is an arbitrary field which can be used for any purpose.
Gets the descriptions for a set of CertLDAP configurations.
Gets the version information for this interface.
The CertLDAPConfiguration interface enables you to manage CertLDAP PAM configuration.
This LDAP configuration is specific to Certificate based Single Sign On (SSO) feature support.
The key in the create method must be "system-auth". This key must be used in all other
methods as well.
Note: The SSO feature requires configuring httpd object attributes in advance. The
following httpd attributes must be configured appropriately prior to the creation of the
CertLDAP object: sslcacertfile, sslverifyclient, sslverifydepth, sslocspenable,
sslocspdefaultresponder and ssloveroverrideresponder.
"httpd" is an LTConfig class and class instance, and support is available to configure
such objects (through the LTConfig::Field interface and set_values method). Please see the
LTConfig module for details.