Note: this component stores cluster-wide configuration data and is mirrored across all servers in the topology within the the same cluster.
Note: changes to cluster-wide configuration objects are immediately and automatically mirrored across all servers within the same cluster, so offline changes are not supported.
A User REST Resource Type defines a type of user resource accessible over the Directory REST API.
↓Parent Component
↓Properties
↓dsconfig Usage
The User REST Resource Type component inherits from the REST Resource Type
The properties supported by this managed object are as follows:
General Configuration Basic Properties: | Advanced Properties: |
---|---|
↓ description | None |
↓ enabled | |
↓ resource-endpoint | |
↓ structural-ldap-objectclass | |
↓ auxiliary-ldap-objectclass | |
↓ search-base-dn | |
Resource Creation Basic Properties: | Advanced Properties: |
↓ parent-dn | None |
↓ parent-resource-type | |
↓ relative-dn-from-parent-resource | |
↓ create-rdn-attribute-type | |
↓ post-create-constructed-attribute | |
Delegated Admin Basic Properties: | Advanced Properties: |
↓ display-name | None |
↓ search-filter-pattern | |
↓ primary-display-attribute-type | |
↓ delegated-admin-search-size-limit |
Property Group | General Configuration |
Description | A description for this REST Resource Type |
Default Value | None |
Allowed Values | A string |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | Indicates whether the REST Resource Type is enabled. If a REST Resource Type is not enabled, then its contents are not accessible when processing operations. |
Default Value | None |
Allowed Values | true false |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | The HTTP addressable endpoint of this REST Resource Type relative to a REST API base URL. Do not include a leading '/'. |
Default Value | None |
Allowed Values | A HTTP addressable endpoint consisting only of letters, digits, '_' and '-' characters. |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | Specifies the LDAP structural object class that should be exposed by this REST Resource Type. |
Default Value | None |
Allowed Values | The name or OID of the objectclass to expose. |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | Specifies an auxiliary LDAP object class that should be exposed by this REST Resource Type. |
Default Value | None |
Allowed Values | The name or OID of the auxiliary objectclass to expose. |
Multi-Valued | Yes |
Required | No |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | Specifies the base DN of the branch of the LDAP directory where resources of this type are located. Along with the structural-ldap-objectclass property, this property determines whether an entry is included in this REST Resource Type. |
Default Value | None |
Allowed Values | A valid DN. |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Property Group | Resource Creation |
Description | Specifies the DN of the parent entry for new resources of this type, when a parent resource is not provided by the app. The parent DN must be at or below the search base of this resource type. |
Default Value | None |
Allowed Values | A valid DN. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Property Group | Resource Creation |
Description | Specifies the name of another resource type which may be a parent of new resources of this type. The search base DN of the parent resource type must be at or above the search base DN of this resource type. |
Default Value | None |
Allowed Values | The DN of any REST Resource Type. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
relative-dn-from-parent-resource
Property Group | Resource Creation |
Description | Specifies a template for a relative DN from the parent resource which identifies the parent entry for a new resource of this type. If this property is not specified then new resources are created immediately below the parent resource or parent DN. The template may be a fixed relative DN, or may reference any LDAP attribute in the entry to be created by using bracket notation. For example if the relative DN is ou=People,o={o} and the parent resource is ou=Companies,dc=example,dc=com and the entry contains attribute 'o' with value 'ACME' then the parent entry of the new resource is ou=People,o=ACME,ou=Companies,dc=example,dc=com. Creation fails if the entry does not contain a value needed by the template or if the parent entry does not exist. |
Default Value | The new resource is created immediately below the parent resource. |
Allowed Values | The pattern to use to construct the relative DN value. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Property Group | Resource Creation |
Description | Specifies the name or OID of the LDAP attribute type to be used as the RDN of new resources. |
Default Value | New resource entries are named using a server-generated UUID. |
Allowed Values | The name or OID of an attribute type defined in the server schema. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
post-create-constructed-attribute
Property Group | Resource Creation |
Description | Specifies an attribute whose values are to be constructed immediately after a new resource is created. The values are only set at creation time. Subsequent modifications to attributes in the constructed attribute value-pattern are not propagated here. If the constructed attribute is defined as single-valued in the schema then a constructed value is only added if the entry does not currently have a value for the attribute, and there is only one constructed value (otherwise the constructed values for that attribute are ignored). |
Default Value | None |
Allowed Values | The DN of any Constructed Attribute. |
Multi-Valued | Yes |
Required | No |
Admin Action Required | None. Modification requires no further action |
Property Group | Delegated Admin |
Description | A human readable display name for this REST Resource Type. |
Default Value | None |
Allowed Values | A string |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
Property Group | Delegated Admin |
Description | Specifies the LDAP filter that should be used when searching for resources matching provided search text. All attribute types in the filter pattern referencing the search text must have a Delegated Admin Attribute definition. The filter pattern may refer to the provided search text using the token "%%". For example, the match filter "(|(mail=*%%*)(cn=*%%*))" will substitute "%%" with the search text in both places. Substitution is not performed within any extensible match filter component (such as jsonObjectFilterExtensibleMatch). |
Default Value | None |
Allowed Values | A valid LDAP search filter |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
primary-display-attribute-type
Property Group | Delegated Admin |
Description | Specifies the name or OID of the LDAP attribute type which is the primary display attribute. This attribute type must be in the search filter pattern and must have a Delegated Admin Attribute definition. |
Default Value | None |
Allowed Values | The name or OID of an attribute type defined in the server schema. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
delegated-admin-search-size-limit
Property Group | Delegated Admin |
Description | The maximum number of resources that may be returned from a search request. If the number of search results for a given request exceeds this value, an error will be returned to the client indicating that the search matched too many results. |
Default Value | 100 |
Allowed Values | An integer value. Lower limit is 1. Upper limit is 100000 . |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
To list the configured REST Resource Types:
dsconfig list-rest-resource-types [--property {propertyName}] ...
To view the configuration for an existing REST Resource Type:
dsconfig get-rest-resource-type-prop --type-name {name} [--tab-delimited] [--script-friendly] [--property {propertyName}] ...
To update the configuration for an existing REST Resource Type:
dsconfig set-rest-resource-type-prop --type-name {name} (--set|--add|--remove) {propertyName}:{propertyValue} [(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To create a new User REST Resource Type:
dsconfig create-rest-resource-type --type-name {name} --set enabled:{propertyValue} --set resource-endpoint:{propertyValue} --set structural-ldap-objectclass:{propertyValue} --set search-base-dn:{propertyValue} [--set {propertyName}:{propertyValue}] ...
To delete an existing REST Resource Type:
dsconfig delete-rest-resource-type --type-name {name}