DirectoryService

The DirectoryService contains functions to manage LDAP containers and to get information about LDAP connections.

The functions available from the DirectoryService are listed below, each with its description and return type.

deleteContainer
Deletes the configuration of the identified LDAP container.

If the LDAP container has any resources associated with it, you must use the delete-resources parameter to also delete the associated resources, otherwise the deletion will fail.

Required system action: deleteLDAPAdmin

If you are deleting resources with this function (using the deleteResources parameter), you must also have either the resourceAdmin or deleteResourceAdmin system action.

Returns: DeleteContainerResponseType

executeLargeLdapQuery
The same as the executeLdapQuery function (see below), except this function is intended for complex or large LDAP queries.

Required system action: LDAPAdmin

Returns: ExecuteLdapQueryResponseType

executeLdapQuery
Returns the Distinguished Names (DNs) for LDAP entries that match the specified query. The query traverses all sub-tree nodes starting from the node identified by the basedn parameter.

Required system action: LDAPAdmin

Returns: ExecuteLdapQueryResponseType

executePagedLdapQuery
Returns the Distinguished Names (DNs) for LDAP entries that match the specified query, in a paged format.

The response returns the following two values:

  • bookmark: This value is passed in subsequent calls to get the next page of results. If the bookmark is empty in the response, the end of the result set has been reached.
  • estimated-size: The estimated number of DNs that satisfy the query. Not all LDAP servers support this value (the Apache LDAP server does not); when it is not supported, 0 is returned.

Required system action: LDAPAdmin

Returns: ExecuteLdapQueryResponseType

getCandidateDetail
Retrieves additional information about one candidate returned by the listCandidateResources function (see below).

If the candidate is one for which a resource already exists, the GUID and the name of that existing resource are returned in the response. If not, the name that will be assigned (by default) to the resource created from this candidate entry is returned.

Required system action: LDAPAdmin

Returns: GetCandidateDetailResponseType

getLdapEntry
Gets details of a specified LDAP entry.

The request identifies an LDAP entry by its alias and DN, and specifies the attributes required. If no attribute names are listed, it is taken as a request for all attributes.

Required system action: LDAPAdmin

Returns: GetLdapEntryResponseType

listAttributeNames
Lists the names of those attributes that are available from the LDAP entries associated with the named LDAP connection.

The request identifies the LDAP connection by its alias. The search can be further limited by specifying a base-dn, an LDAP query as a filter, and a sample size.

Required system action: LDAPAdmin

Returns: ListAttributeNamesResponseType

listAttributeNamesLargeQuery
Same as the listAttributeNames function (see above), except this function is intended for complex or large LDAP queries, where putting the query in the URL would be impractical.

Required system action: LDAPAdmin

Returns: ListAttributeNamesResponseType

listCandidateResources
Lists all candidate resources (including existing resources) from the identified LDAP container. The entries in the response are suitable to be passed to the createResource function in OrgResourceService.

Also see the listPagedCandidateResources function (below) to list a page of candidate resources.

Required system action: LDAPAdmin or resourceAdmin [1]

Returns: ListCandidateResourcesResponseType

listContainers
Lists the configuration detail of all LDAP containers to which the user has access permission. Access can be restricted by the organizations to which the calling user is associated.

Required system action: LDAPAdmin or resourceAdmin [1]

Returns: ListContainersResponseType

listLdapConnections
Lists details of all the LDAP connection shared resources available to Directory Engine.

The response lists those LDAP connections named with the prefix ldap/de/, indicating that they are available to Directory Engine. Each connection is identified by its alias (which is the name minus the ldap/de/ prefix). The response also includes the URL that the connection uses.

Note: You must use TIBCO ActiveMatrix Administrator to create LDAP connections. The Name used within Administrator corresponds to the alias used here; that is, it does not have the ldap/de/ prefix.

Required system action: LDAPAdmin

Returns: ListLdapConnectionsResponseType

listPagedCandidateResources
Returns a page of candidate resources (including existing resources) from the identified LDAP container. The entries in the response are suitable to be passed to the createResource function in OrgResourceService.

The response returns the following two values:

  • bookmark: This value is passed in subsequent calls to get the next page of results. If the bookmark is empty in the response, the end of the result set has been reached.
  • estimated-size: The estimated number of candidate resources. Not all LDAP servers support this value (the Apache LDAP server does not); when it is not supported, 0 is returned.

Required system action: LDAPAdmin or resourceAdmin [1]

Returns: ListCandidateResourcesResponseType

saveContainer
Saves the given LDAP container configuration. Use this function to create a new LDAP container or to update an existing one.

The request parameters depend on which of the following types of LDAP source is used to identify candidate resources:

  • LDAP Query Source - An LDAP query is used to identify the directory entries that will be candidate resources.
  • LDAP Group Source - A Group DN is used to identify the directory entry that is the group. When a Group DN is specified, a member attribute is also specified, which holds the collection of member identifiers, that is, their DNs. This provides the list of candidate resources.

The response returns the unique ID of the newly-created LDAP container.

Required system action: LDAPAdmin

Returns: SaveContainerResponseType

updateContainer
Saves the given LDAP container configuration. Use this function to update an existing container.

The request parameters depend on which of the following types of LDAP source is used to identify candidate resources:

  • LDAP Query Source - An LDAP query is used to identify the directory entries that will be candidate resources.
  • LDAP Group Source - A Group DN is used to identify the directory entry that is the group. When a Group DN is specified, a member attribute is also specified, which holds the collection of member identifiers, that is, their DNs. This provides the list of candidate resources.

The response returns the unique ID of the updated LDAP container.

Required system action: LDAPAdmin

Returns: SaveContainerResponseType

[1] Users possessing either the LDAPAdmin or the resourceAdmin system action can call this function. However, having the LDAPAdmin system action gives the user additional access to organizations that are restricted due to organization relationships. For more information, see Overriding Organization Relationships.
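
The bookmark and estimated-size behaviour described for executePagedLdapQuery and listPagedCandidateResources, as an added example that is not TIBCO code. The `fetch_page` callable, its tuple return shape, the first call sending no bookmark, and `make_fake_service` are assumptions standing in for a real client call; the DNs are constructed sample data.

```python
from typing import Callable, List, Optional, Tuple

# Assumed page shape: (DNs on this page, bookmark, estimated-size).
Page = Tuple[List[str], str, int]


def collect_dns(fetch_page: Callable[[Optional[str]], Page],
                max_pages: int = 1000) -> Tuple[List[str], Optional[int]]:
    """Follow bookmarks to the end; return (all DNs, estimate or None)."""
    dns: List[str] = []
    estimate: Optional[int] = None
    bookmark: Optional[str] = None      # assumption: first call sends none
    seen = set()
    for _ in range(max_pages):
        page, bookmark, est = fetch_page(bookmark)
        dns.extend(page)
        if est > 0:                     # 0 means "not supported", not "empty"
            estimate = est
        if not bookmark:                # empty bookmark: end of result set
            return dns, estimate
        if bookmark in seen:            # a repeated bookmark would loop forever
            raise RuntimeError("bookmark repeated; stopping")
        seen.add(bookmark)
    raise RuntimeError("max_pages reached before the result set ended")


def make_fake_service(all_dns: List[str], page_size: int,
                      supports_estimate: bool = True):
    """Constructed in-memory stand-in for the paged query call."""
    def fetch_page(bookmark: Optional[str]) -> Page:
        start = int(bookmark) if bookmark else 0
        nxt = start + page_size
        next_bookmark = str(nxt) if nxt < len(all_dns) else ""
        estimate = len(all_dns) if supports_estimate else 0
        return all_dns[start:nxt], next_bookmark, estimate
    return fetch_page


if __name__ == "__main__":
    # Constructed sample DNs.
    sample = [f"uid=user{i},ou=people,dc=example,dc=com" for i in range(5)]
    print(collect_dns(make_fake_service(sample, page_size=2)))
    print(collect_dns(make_fake_service(sample, 2, supports_estimate=False)))
```

The page cap and the repeated-bookmark check keep a misbehaving server from holding an LDAPAdmin-privileged client in an unbounded loop.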