SOAP API - saveContainer

The table summarizes the SOAP API - saveContainer.

Request Uses the saveContainer element (from the DirectoryService schema)
Parameter notes (for an LDAP Query Source)
  • id: the unique ID of the LDAP container. Specified when you are updating an existing container. Can be obtained from a call to listContainers .
  • name: the unique name of the LDAP container. If you are creating a new container, this is how you assign its name. If you are updating an existing container, this identifies the container you are working on.
  • description: (Optional) a description of the LDAP container.
  • primary-ldap: the definition for the primary LDAP source for the LDAP container when using an LDAP Query Source.
    • ldap-alias: the alias of the primary LDAP source. LDAP connection shared resources are named with the prefix ldap/de/ in order to indicate that they are intended for Directory Engine use. The alias given here is that name without the ldap/de/ prefix. Can be obtained from a previous call to listLdapConnections
    • ldap-query: use an LDAP query to identify the primary LDAP source.
    • resource-name-attributes: (Optional) A space-separated list of named LDAP attributes, whose values will be concatenated to generate a default display name for resources derived from entries in this LDAP source.

      (When an LDAP container contains secondary LDAP sources, and those LDAP sources also provide resource-name-attributes, the attributes of the first entry encountered will be used.)

    • base-dn: the base Distinguished Name (DN) to which the LDAP query is restricted. This is relative to, and in addition to, any base DN specified in the LDAP Connection Shared Resource's URL.
  • attribute-mapping: Used to map organization model resource attributes to LDAP attributes:
    • resource-attr-guid: the GUID of the resource attribute, as defined in the organization model.
    • ldap-attribute: the LDAP attribute that is to be mapped to the resource attribute resource-attr-guid. Whenever a value is required for that resource attribute, it is provided by the value of this LDAP attribute. The value can be obtained from a call to listAttributeNames .
  • secondary-ldap: (Optional) one or more definitions of secondary LDAP sources for the LDAP container. Has the same values as primary-ldap.
    • primary-link: Links an entry in the secondary-ldap with the corresponding resource entry in the primary-ldap.
Parameter notes (for an LDAP Query Source)

Cont.

  • restricted-org: (Optional) Identifies an organization with which the resource has a connection. Access is restricted to those resource derived from the LDAP Container in which this element resides. It also restricts the Organizations to which resources derived from this LDAP container can be assigned.
  • search-scope: (Optional) Restricts the depth to which the LDAP query search is applied to the LDAP directory structure. The valid values are:
    • ONELEVEL - Only the elements directly within the Base DN are searched.
    • SUBTREE - The elements directly within, and below, the Base DN are searched.
Parameter notes (for an LDAP Group Source)
  • id: the unique ID of the LDAP container. Specified when you are updating an existing container. Can be obtained from a call to listContainers .
  • name: the unique name of the LDAP container. If you are creating a new container, this is how you assign its name. If you are updating an existing container, this identifies the container you are working on.
  • description: (Optional) a description of the LDAP container.
  • primary-group-ldap: the definition for the primary LDAP source for the LDAP container when using an LDAP Group Source.
    • ldap-alias: the alias of the primary LDAP source. LDAP connection shared resources are named with the prefix ldap/de/ in order to indicate that they are intended for Directory Engine use. The alias given here is that name without the ldap/de/ prefix. Can be obtained from a previous call to listLdapConnections
    • group-dn - Identifies the directory entry that is the group. (For an example, see page 138.)
    • member-attribute - Identifies the attribute within the group entry that holds the collection of DNs that identifies the candidate resources.
    • resource-name-attributes: (Optional) A space-separated list of named LDAP attributes, whose values will be concatenated to generate a default display name for resources derived from entries in this LDAP source.

      (When an LDAP container contains secondary LDAP sources, and those LDAP sources also provide resource-name-attributes, the attributes of the first entry encountered will be used.)

  • attribute-mapping: Used to map organization model resource attributes to LDAP attributes:
    • resource-attr-guid: the GUID of the resource attribute, as defined in the organization model.
    • ldap-attribute: the LDAP attribute that is to be mapped to the resource attribute resource-attr-guid. Whenever a value is required for that resource attribute, it is provided by the value of this LDAP attribute. The value can be obtained from a call to listAttributeNames .
  • secondary-group-ldap: (Optional) one or more definitions of secondary LDAP Group Sources for the LDAP container. Has the same values as primary-ldap.
    • primary-link: Links an entry in the secondary-group-ldap with the corresponding resource entry in the primary-group-ldap.
  • restricted-org: (Optional) Identifies an organization with which the resource has a connection. Access is restricted to those resource derived from the LDAP Container in which this element resides. It also restricts the Organizations to which resources derived from this LDAP container can be assigned.
Response Returns a saveContainerResponse element (from the DirectoryService schema).
  • container-id: the unique ID of the created or updated LDAP container. (This value is returned only if the LDAP container was successfully saved.)
Example

(using an LDAP query)

Request: 
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:dir="http://directory.api.de.bpm.tibco.com">
   <soapenv:Header/>
   <soapenv:Body>
      <dir:saveContainer name="Seattle" description="Seattle Group">
         <primary-ldap ldap-alias="easyAs" 
                       resource-name-attributes="ou" 
                       ldap-query="(objectClass=organizationalPerson)" 
                       search-scope="ONELEVEL">
         </primary-ldap>
      </dir:saveContainer>
   </soapenv:Body>
</soapenv:Envelope>
Response: 
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
   <SOAP-ENV:Header/>
   <SOAP-ENV:Body>
      <saveContainerResponse container-id="12" xmlns="http://directory.api.de.bpm.tibco.com"/>
   </SOAP-ENV:Body>
</SOAP-ENV:Envelope>
Example

(using a group query)

Request: 
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:dir="http://directory.api.de.bpm.tibco.com">
   <soapenv:Header/>
   <soapenv:Body>
     <dir:saveContainer description="Customer Service Representatives" name="CSRs">
        <primary-group-ldap ldap-alias="deLdap2" resource-name-attributes="displaynames" 
             group-dn="OU=CSR, OU-groups, O-insuranceSales"
             member-attribute="roleoccupant">
        </primary-group-ldap>
     </dir:saveContainer>
   </soapenv:Body>
</soapenv:Envelope>
Response: 
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
   <SOAP-ENV:Header/>
   <SOAP-ENV:Body>
      <saveContainerResponse container-id="6" xmlns="http://directory.api.de.bpm.tibco.com"/>
   </SOAP-ENV:Body>
</SOAP-ENV:Envelope>