...

id        | 1                                   | 2
type      | GROUP                               | OU
name      | CN=Dev-Hyd,DC=ccp,DC=example,DC=net | OU=SevenSeas,DC=ccp,DC=example,DC=net
domain_id | 2                                   | 3

 

API Changes

...

  • linkDomainToLdap - Admin-only API
    • domainId - the domain which has to be linked
    • type - OU/GROUP
    • name - common name of group or OU
    • admin - domain admin username in LDAP - optional
  • Response
    • return the domainId on success
    • an error message if it is not successful
  • TODO: sample request and response

 

    A new API to link an LDAP OU/domain with a CloudStack domain

...

  • linkDomainToLdap - Admin-only API
    • domainId - the domain which has to be linked
    • type - OU/GROUP
    • name - common name of group or OU
    • accounttype - account type to be used while auto-importing the accounts
    • admin - domain admin username in LDAP - optional
  • Response
    • returns the domainId, name, type, accountType on success (will also return accountid if account import of the user admin is successful)
    • an error message if it is not successful
  • Sample API and response
    • link domain and make rajanik admin

      cloudmonkey > link domaintoldap accounttype=2 name="cn=dev-hyd,dc=ccp,dc=citrite,dc=net" domainid=8f89a84e-51a0-459f-a9ed-9079ce790235 type="GROUP" admin=rajanik
      {
        "LinkDomainToLdap": {
          "accountid": "13",
          "accounttype": 2,
          "domainid": 3,
          "name": "cn=dev-hyd,dc=ccp,dc=citrite,dc=net",
          "type": "GROUP"
        }
      }

    • link domain and make rajanik admin - rajanik already exists in domain

      cloudmonkey > link domaintoldap accounttype=2 name="cn=dev-hyd,dc=ccp,dc=citrite,dc=net" domainid=8f89a84e-51a0-459f-a9ed-9079ce790235 type="GROUP" admin=rajanik
      {
        "LinkDomainToLdap": {
          "accounttype": 2,
          "domainid": 3,
          "name": "cn=dev-hyd,dc=ccp,dc=citrite,dc=net",
          "type": "GROUP"
        }
      }

    • link domain

      cloudmonkey > link domaintoldap accounttype=2 name="cn=dev-hyd,dc=ccp,dc=citrite,dc=net" domainid=8f89a84e-51a0-459f-a9ed-9079ce790235 type="GROUP"
      {
        "LinkDomainToLdap": {
          "accounttype": 2,
          "domainid": 3,
          "name": "cn=dev-hyd,dc=ccp,dc=citrite,dc=net",
          "type": "GROUP"
        }
      }


UI Changes

A pop-up to link an OU/group to CloudStack.

This should show the list of domains in CloudStack and provide text fields for type, name and admin (optional), and on save call the connectDomainToLdap API.

Testing

LDAP : Trust AD and Auto Import Test Plan

Open Issues

When a user is disabled in LDAP, authentication in CloudStack fails immediately. However, the user is disabled in CloudStack only when they next try to log in.
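
A periodic reconciliation between the directory and CloudStack is one way to find accounts left enabled by the open issue above. The following is an added example, not CloudStack code: the function names, record layout and user data are hypothetical and constructed, and it assumes Active Directory's userAccountControl ACCOUNTDISABLE bit (0x0002) and direct memberOf values only (no nested groups). Reading the id/type/name/domain_id values on this page as two link records is also an assumption.

```python
# Added example, not CloudStack code. All records below are constructed.
ACCOUNTDISABLE = 0x0002  # Active Directory userAccountControl flag
# Assumed link records, modelled on the id/type/name/domain_id values on this page.
LINKS = [
    {"domain_id": 2, "type": "GROUP", "name": "CN=Dev-Hyd,DC=ccp,DC=example,DC=net"},
    {"domain_id": 3, "type": "OU", "name": "OU=SevenSeas,DC=ccp,DC=example,DC=net"},
]
# Constructed directory entries keyed by username (hypothetical users).
LDAP_ENTRIES = {
    "alice": {"dn": "CN=alice,OU=SevenSeas,DC=ccp,DC=example,DC=net",
              "memberOf": [], "userAccountControl": 512},
    "bob": {"dn": "CN=bob,OU=SevenSeas,DC=ccp,DC=example,DC=net",
            "memberOf": [], "userAccountControl": 514},  # 512 | ACCOUNTDISABLE
    "carol": {"dn": "CN=carol,OU=Users,DC=ccp,DC=example,DC=net",
              "memberOf": ["cn=dev-hyd,dc=ccp,dc=example,dc=net"], "userAccountControl": 512},
    "dave": {"dn": "CN=dave,OU=Users,DC=ccp,DC=example,DC=net",
             "memberOf": [], "userAccountControl": 512},
}
# Constructed CloudStack user records; "erin" has no LDAP entry at all.
CS_USERS = [{"username": u, "domain_id": d, "state": "enabled"}
            for u, d in [("alice", 3), ("bob", 3), ("carol", 2), ("dave", 2), ("erin", 3)]]

def norm(dn):
    """Simplified DN comparison key: lower-case, trim spaces around commas."""
    return ",".join(part.strip() for part in dn.lower().split(","))

def stale_accounts(links, ldap_entries, cs_users):
    """Return (username, domain_id, reason) for users still enabled in CloudStack
    whose LDAP entry no longer justifies access to the linked domain."""
    by_domain = {link["domain_id"]: link for link in links}
    findings = []
    for user in cs_users:
        link = by_domain.get(user["domain_id"])
        if link is None or user["state"] != "enabled":
            continue  # domain is not LDAP-linked, or user is already disabled
        entry = ldap_entries.get(user["username"])
        target = norm(link["name"])
        if entry is None:
            reason = "not found in LDAP"
        elif entry["userAccountControl"] & ACCOUNTDISABLE:
            reason = "disabled in LDAP"
        elif link["type"] == "OU" and not norm(entry["dn"]).endswith("," + target):
            reason = "outside linked OU"
        elif link["type"] == "GROUP" and target not in map(norm, entry["memberOf"]):
            reason = "not in linked group"
        else:
            continue
        findings.append((user["username"], user["domain_id"], reason))
    return findings
```

Each finding is a candidate for disabling in CloudStack before the user's next login attempt; DNs containing escaped commas need a real DN parser rather than the simplified `norm` used here.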

References

https://technet.microsoft.com/en-us/library/cc977992.aspx

Bug Reference & Branch

CLOUDSTACK-8647