Class: SDM::ActiveDirectoryEngine

Inherits:

Object

• Object
• SDM::ActiveDirectoryEngine

Defined in:

lib/models/porcelain.rb

Overview

ActiveDirectoryEngine is currently unstable, and its API may change, or it may be removed, without a major version bump.

Instance Attribute Summary

• #after_read_ttl ⇒ Object

  The default time-to-live duration of the password after it's read.

• #binddn ⇒ Object

  Distinguished name of object to bind when performing user and group search.

• #bindpass ⇒ Object

  Password to use along with binddn when performing user search.

• #certificate ⇒ Object

  CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.

• #connection_timeout ⇒ Object

  Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.

• #do_not_validate_timestamps ⇒ Object

  If set to true this will prevent password change timestamp validation in Active Directory when validating credentials.

• #id ⇒ Object

  Unique identifier of the Secret Engine.

• #insecure_tls ⇒ Object

  If true, skips LDAP server SSL certificate verification - insecure, use with caution!.

• #key_rotation_interval_days ⇒ Object

  An interval of public/private key rotation for secret engine in days.

• #max_backoff_duration ⇒ Object

  The maximum retry duration in case of automatic failure.

• #name ⇒ Object

  Unique human-readable name of the Secret Engine.

• #policy ⇒ Object

  Policy for password creation.

• #public_key ⇒ Object

  Public key linked with a secret engine.

• #request_timeout ⇒ Object

  Timeout, in seconds, for the connection when making requests against the server before returning back an error.

• #secret_store_id ⇒ Object

  Backing secret store identifier.

• #secret_store_root_path ⇒ Object

  Backing Secret Store root path where managed secrets are going to be stored.

• #start_tls ⇒ Object

  If true, issues a StartTLS command after establishing an unencrypted connection.

• #tags ⇒ Object

  Tags is a map of key, value pairs.

• #ttl ⇒ Object

  The default password time-to-live duration.

• #upndomain ⇒ Object

  The domain (userPrincipalDomain) used to construct a UPN string for authentication.

• #url ⇒ Object

  The LDAP server to connect to.

• #userdn ⇒ Object

  Base DN under which to perform user search.

Instance Method Summary

• #initialize(after_read_ttl: nil, binddn: nil, bindpass: nil, certificate: nil, connection_timeout: nil, do_not_validate_timestamps: nil, id: nil, insecure_tls: nil, key_rotation_interval_days: nil, max_backoff_duration: nil, name: nil, policy: nil, public_key: nil, request_timeout: nil, secret_store_id: nil, secret_store_root_path: nil, start_tls: nil, tags: nil, ttl: nil, upndomain: nil, url: nil, userdn: nil) ⇒ ActiveDirectoryEngine constructor

  A new instance of ActiveDirectoryEngine.

• #to_json(options = {}) ⇒ Object

Constructor Details

#initialize(after_read_ttl: nil, binddn: nil, bindpass: nil, certificate: nil, connection_timeout: nil, do_not_validate_timestamps: nil, id: nil, insecure_tls: nil, key_rotation_interval_days: nil, max_backoff_duration: nil, name: nil, policy: nil, public_key: nil, request_timeout: nil, secret_store_id: nil, secret_store_root_path: nil, start_tls: nil, tags: nil, ttl: nil, upndomain: nil, url: nil, userdn: nil) ⇒ ActiveDirectoryEngine

Returns a new instance of ActiveDirectoryEngine.

# File 'lib/models/porcelain.rb', line 1712

def initialize(
  after_read_ttl: nil,
  binddn: nil,
  bindpass: nil,
  certificate: nil,
  connection_timeout: nil,
  do_not_validate_timestamps: nil,
  id: nil,
  insecure_tls: nil,
  key_rotation_interval_days: nil,
  max_backoff_duration: nil,
  name: nil,
  policy: nil,
  public_key: nil,
  request_timeout: nil,
  secret_store_id: nil,
  secret_store_root_path: nil,
  start_tls: nil,
  tags: nil,
  ttl: nil,
  upndomain: nil,
  url: nil,
  userdn: nil
)
  @after_read_ttl = after_read_ttl == nil ? nil : after_read_ttl
  @binddn = binddn == nil ? "" : binddn
  @bindpass = bindpass == nil ? "" : bindpass
  @certificate = certificate == nil ? "" : certificate
  @connection_timeout = connection_timeout == nil ? 0 : connection_timeout
  @do_not_validate_timestamps = do_not_validate_timestamps == nil ? false : do_not_validate_timestamps
  @id = id == nil ? "" : id
  @insecure_tls = insecure_tls == nil ? false : insecure_tls
  @key_rotation_interval_days = key_rotation_interval_days == nil ? 0 : key_rotation_interval_days
  @max_backoff_duration = max_backoff_duration == nil ? nil : max_backoff_duration
  @name = name == nil ? "" : name
  @policy = policy == nil ? nil : policy
  @public_key = public_key == nil ? "" : public_key
  @request_timeout = request_timeout == nil ? 0 : request_timeout
  @secret_store_id = secret_store_id == nil ? "" : secret_store_id
  @secret_store_root_path = secret_store_root_path == nil ? "" : secret_store_root_path
  @start_tls = start_tls == nil ? false : start_tls
  @tags = tags == nil ? SDM::_porcelain_zero_value_tags() : tags
  @ttl = ttl == nil ? nil : ttl
  @upndomain = upndomain == nil ? "" : upndomain
  @url = url == nil ? "" : url
  @userdn = userdn == nil ? "" : userdn
end

Instance Attribute Details

#after_read_ttl ⇒ Object

The default time-to-live duration of the password after it's read. Once the ttl has passed, a password will be rotated.

# File 'lib/models/porcelain.rb', line 1667

def after_read_ttl
  @after_read_ttl
end

#binddn ⇒ Object

Distinguished name of object to bind when performing user and group search. Example: cn=vault,ou=Users,dc=example,dc=com

# File 'lib/models/porcelain.rb', line 1669

def binddn
  @binddn
end

#bindpass ⇒ Object

Password to use along with binddn when performing user search.

# File 'lib/models/porcelain.rb', line 1671

def bindpass
  @bindpass
end

#certificate ⇒ Object

CA certificate to use when verifying LDAP server certificate, must be x509 PEM encoded.

# File 'lib/models/porcelain.rb', line 1673

def certificate
  @certificate
end

#connection_timeout ⇒ Object

Timeout, in seconds, when attempting to connect to the LDAP server before trying the next URL in the configuration.

# File 'lib/models/porcelain.rb', line 1675

def connection_timeout
  @connection_timeout
end

#do_not_validate_timestamps ⇒ Object

If set to true this will prevent password change timestamp validation in Active Directory when validating credentials

# File 'lib/models/porcelain.rb', line 1677

def do_not_validate_timestamps
  @do_not_validate_timestamps
end

#id ⇒ Object

Unique identifier of the Secret Engine.

# File 'lib/models/porcelain.rb', line 1679

def id
  @id
end

#insecure_tls ⇒ Object

If true, skips LDAP server SSL certificate verification - insecure, use with caution!

# File 'lib/models/porcelain.rb', line 1681

def insecure_tls
  @insecure_tls
end

#key_rotation_interval_days ⇒ Object

An interval of public/private key rotation for secret engine in days

# File 'lib/models/porcelain.rb', line 1683

def key_rotation_interval_days
  @key_rotation_interval_days
end

#max_backoff_duration ⇒ Object

The maximum retry duration in case of automatic failure. On failed ttl rotation attempt it will be retried in an increasing intervals until it reaches max_backoff_duration

# File 'lib/models/porcelain.rb', line 1686

def max_backoff_duration
  @max_backoff_duration
end

#name ⇒ Object

Unique human-readable name of the Secret Engine.

# File 'lib/models/porcelain.rb', line 1688

def name
  @name
end

#policy ⇒ Object

Policy for password creation

# File 'lib/models/porcelain.rb', line 1690

def policy
  @policy
end

#public_key ⇒ Object

Public key linked with a secret engine

# File 'lib/models/porcelain.rb', line 1692

def public_key
  @public_key
end

#request_timeout ⇒ Object

Timeout, in seconds, for the connection when making requests against the server before returning back an error.

# File 'lib/models/porcelain.rb', line 1694

def request_timeout
  @request_timeout
end

#secret_store_id ⇒ Object

Backing secret store identifier

# File 'lib/models/porcelain.rb', line 1696

def secret_store_id
  @secret_store_id
end

#secret_store_root_path ⇒ Object

Backing Secret Store root path where managed secrets are going to be stored

# File 'lib/models/porcelain.rb', line 1698

def secret_store_root_path
  @secret_store_root_path
end

#start_tls ⇒ Object

If true, issues a StartTLS command after establishing an unencrypted connection.

# File 'lib/models/porcelain.rb', line 1700

def start_tls
  @start_tls
end

#tags ⇒ Object

Tags is a map of key, value pairs.

# File 'lib/models/porcelain.rb', line 1702

def tags
  @tags
end

#ttl ⇒ Object

The default password time-to-live duration. Once the ttl has passed, a password will be rotated the next time it's requested.

# File 'lib/models/porcelain.rb', line 1704

def ttl
  @ttl
end

#upndomain ⇒ Object

The domain (userPrincipalDomain) used to construct a UPN string for authentication.

# File 'lib/models/porcelain.rb', line 1706

def upndomain
  @upndomain
end

#url ⇒ Object

The LDAP server to connect to.

# File 'lib/models/porcelain.rb', line 1708

def url
  @url
end

#userdn ⇒ Object

Base DN under which to perform user search. Example: ou=Users,dc=example,dc=com

# File 'lib/models/porcelain.rb', line 1710

def userdn
  @userdn
end

Instance Method Details

#to_json(options = {}) ⇒ Object

# File 'lib/models/porcelain.rb', line 1760

def to_json(options = {})
  hash = {}
  self.instance_variables.each do |var|
    hash[var.id2name.delete_prefix("@")] = self.instance_variable_get var
  end
  hash.to_json
end