GET /ds (deprecated)

Get information about your directory service. Authentication is required.

GET /ds is deprecated. Instead, use GET /ldap.

Request format

When Forming RBAC API requests to this endpoint, the request is a basic call with authentication, such as:

curl "https://$(puppet config print server):4433/rbac-api/v2/ds" -H "X-Authentication:$(puppet-access show)"

Response format

Returns an array of objects, where each object represents a currently-configured LDAP server. For example, this response contains information for one LDAP server:

[
  {
    "id": "6e33eb78-820f-463a-a65c-e1ef291d59a8",
    "help_link": "https://help.example.com",
    "ssl": true,
    "group_name_attr": "name",
    "group_rdn": null,
    "connect_timeout": 15,
    "user_display_name_attr": "cn",
    "disable_ldap_matching_rule_in_chain": false,
    "ssl_hostname_validation": true,
    "hostname": "ldap.example.com",
    "base_dn": "dc=example,dc=com",
    "user_lookup_attr": "uid",
    "port": 636,
    "login": "cn=ldapuser,ou=service,ou=users,dc=example,dc=com",
    "group_lookup_attr": "cn",
    "group_member_attr": "uniqueMember",
    "ssl_wildcard_validation": false,
    "user_email_attr": "mail",
    "user_rdn": "ou=users",
    "group_object_class": "groupOfUniqueNames",
    "display_name": "Acme Corp Ldap server",
    "search_nested_groups": true,
    "start_tls": false
  }
]

Returns an empty array if no LDAP servers are configured.

You must have the directory_service:edit permission to view all fields; otherwise, only the display name of the directory server is returned.

For information about each setting, refer to External directory settings.

For errors, refer to RBAC service errors .