TivoliDirectoryServer

Realm Operations

Resource path:

/realm-config/services/id-repositories/LDAPv3ForTivoli

Resource version: 1.0

create

Usage

am> create TivoliDirectoryServer --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "groupconfig" : {
      "type" : "object",
      "title" : "Group Configuration",
      "propertyOrder" : 5,
      "properties" : {
        "sun-idrepo-ldapv3-config-group-attributes" : {
          "title" : "LDAP Groups Attributes",
          "description" : "",
          "propertyOrder" : 3400,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-dftgroupmember" : {
          "title" : "Default Group Member's User DN",
          "description" : "User automatically added when group is created.",
          "propertyOrder" : 3800,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-uniquemember" : {
          "title" : "Attribute Name of Unique Member",
          "description" : "",
          "propertyOrder" : 3600,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-group-container-name" : {
          "title" : "LDAP Groups Container Naming Attribute",
          "description" : "",
          "propertyOrder" : 3100,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-groups-search-attribute" : {
          "title" : "LDAP Groups Search Attribute",
          "description" : "",
          "propertyOrder" : 2900,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-memberof" : {
          "title" : "Attribute Name for Group Membership",
          "description" : "",
          "propertyOrder" : 3500,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-group-objectclass" : {
          "title" : "LDAP Groups Object Class",
          "description" : "",
          "propertyOrder" : 3300,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-groups-search-filter" : {
          "title" : "LDAP Groups Search Filter",
          "description" : "",
          "propertyOrder" : 3000,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-group-container-value" : {
          "title" : "LDAP Groups Container Value",
          "description" : "",
          "propertyOrder" : 3200,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        }
      }
    },
    "ldapsettings" : {
      "type" : "object",
      "title" : "Server Settings",
      "propertyOrder" : 0,
      "properties" : {
        "sun-idrepo-ldapv3-config-organization_name" : {
          "title" : "LDAP Organization DN",
          "description" : "",
          "propertyOrder" : 900,
          "required" : true,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-search-scope" : {
          "title" : "LDAPv3 Plug-in Search Scope",
          "description" : "",
          "propertyOrder" : 2000,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-authid" : {
          "title" : "LDAP Bind DN",
          "description" : "A user or admin with sufficient access rights to perform the supported operations.",
          "propertyOrder" : 700,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "openam-idrepo-ldapv3-heartbeat-interval" : {
          "title" : "LDAP Connection Heartbeat Interval",
          "description" : "Specifies how often should OpenAM send a heartbeat request to the directory.<br><br>This setting controls how often OpenAM <b>should</b> send a heartbeat search request to the configured directory. If a connection becomes unresponsive (e.g. due to a network error) then it may take up to the interval period before the problem is detected. Use along with the Heartbeat Time Unit parameter to define the exact interval. Zero or negative value will result in disabling heartbeat requests.",
          "propertyOrder" : 1300,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-max-result" : {
          "title" : "Maximum Results Returned from Search",
          "description" : "",
          "propertyOrder" : 1500,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-connection_pool_max_size" : {
          "title" : "LDAP Connection Pool Maximum Size",
          "description" : "",
          "propertyOrder" : 1200,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        },
        "openam-idrepo-ldapv3-behera-support-enabled" : {
          "title" : "Behera Support Enabled",
          "description" : "When enabled, Behera draft control will be used in the outgoing requests for operations that may modify password value. This will allow OpenAM to display password policy related error messages when password policies are not met.",
          "propertyOrder" : 6100,
          "required" : false,
          "type" : "boolean",
          "exampleValue" : ""
        },
        "openam-idrepo-ldapv3-affinity-enabled" : {
          "title" : "Affinity Enabled",
          "description" : "Enables affinity based request load balancing when accessing the user store servers (based on DN). It is imperative that the connection string setting is set to the same value for all OpenAM servers in the deployment when this feature is enabled.",
          "propertyOrder" : 6200,
          "required" : true,
          "type" : "boolean",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-ldap-server" : {
          "title" : "LDAP Server",
          "description" : "Format: LDAP server host name:port | server_ID | site_ID",
          "propertyOrder" : 600,
          "required" : true,
          "items" : {
            "type" : "string"
          },
          "minItems" : 1,
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-authpw" : {
          "title" : "LDAP Bind Password",
          "description" : "",
          "propertyOrder" : 800,
          "required" : false,
          "type" : "string",
          "format" : "password",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-connection_pool_min_size" : {
          "title" : "LDAP Connection Pool Minimum Size",
          "description" : "",
          "propertyOrder" : 1100,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-time-limit" : {
          "title" : "Search Timeout",
          "description" : "In seconds.",
          "propertyOrder" : 1600,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        },
        "openam-idrepo-ldapv3-heartbeat-timeunit" : {
          "title" : "LDAP Connection Heartbeat Time Unit",
          "description" : "Defines the time unit corresponding to the Heartbeat Interval setting.<br><br>This setting controls how often OpenAM <b>should</b> send a heartbeat search request to the configured directory. If a connection becomes unresponsive (e.g. due to a network error) then it may take up to the interval period before the problem is detected. Use along with the Heartbeat Interval parameter to define the exact interval.",
          "propertyOrder" : 1400,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-connection-mode" : {
          "title" : "LDAP Connection Mode",
          "description" : "Defines which protocol/operation is used to establish the connection to the LDAP Directory Server.<br><br>If 'LDAP' is selected, the connection <b>won't be secured</b> and passwords are transferred in <b>cleartext</b> over the network.<br/> If 'LDAPS' is selected, the connection is secured via SSL or TLS. <br/> If 'StartTLS' is selected, the connection is secured by using StartTLS extended operation.",
          "propertyOrder" : 1000,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        }
      }
    },
    "userconfig" : {
      "type" : "object",
      "title" : "User Configuration",
      "propertyOrder" : 3,
      "properties" : {
        "sun-idrepo-ldapv3-config-users-search-filter" : {
          "title" : "LDAP Users  Search Filter",
          "description" : "",
          "propertyOrder" : 2200,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-createuser-attr-mapping" : {
          "title" : "Create User Attribute Mapping",
          "description" : "Format: attribute name or TargetAttributeName=SourceAttributeName",
          "propertyOrder" : 2500,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-user-attributes" : {
          "title" : "LDAP User Attributes",
          "description" : "",
          "propertyOrder" : 2400,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-people-container-name" : {
          "title" : "LDAP People Container Naming Attribute",
          "description" : "",
          "propertyOrder" : 5000,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-auth-kba-attr" : {
          "title" : "Knowledge Based Authentication Attribute Name",
          "description" : "",
          "propertyOrder" : 5300,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-auth-kba-attempts-attr" : {
          "title" : "Knowledge Based Authentication Attempts Attribute Name",
          "description" : "",
          "propertyOrder" : 5340,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-isactive" : {
          "title" : "Attribute Name of User Status",
          "description" : "",
          "propertyOrder" : 2600,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-user-objectclass" : {
          "title" : "LDAP User Object Class",
          "description" : "",
          "propertyOrder" : 2300,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-auth-kba-index-attr" : {
          "title" : "Knowledge Based Authentication Active Index",
          "description" : "",
          "propertyOrder" : 5400,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-active" : {
          "title" : "User Status Active Value",
          "description" : "",
          "propertyOrder" : 2700,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-people-container-value" : {
          "title" : "LDAP People Container Value",
          "description" : "",
          "propertyOrder" : 5100,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-users-search-attribute" : {
          "title" : "LDAP Users  Search Attribute",
          "description" : "",
          "propertyOrder" : 2100,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-inactive" : {
          "title" : "User Status Inactive Value",
          "description" : "",
          "propertyOrder" : 2800,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        }
      }
    },
    "errorhandling" : {
      "type" : "object",
      "title" : "Error Handling Configuration",
      "propertyOrder" : 8,
      "properties" : {
        "com.iplanet.am.ldap.connection.delay.between.retries" : {
          "title" : "The Delay Time Between Retries",
          "description" : "In milliseconds.",
          "propertyOrder" : 5800,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        }
      }
    },
    "authentication" : {
      "type" : "object",
      "title" : "Authentication Configuration",
      "propertyOrder" : 4,
      "properties" : {
        "sun-idrepo-ldapv3-config-auth-naming-attr" : {
          "title" : "Authentication Naming Attribute",
          "description" : "",
          "propertyOrder" : 5200,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        }
      }
    },
    "pluginconfig" : {
      "type" : "object",
      "title" : "Plug-in Configuration",
      "propertyOrder" : 2,
      "properties" : {
        "sunIdRepoAttributeMapping" : {
          "title" : "Attribute Name Mapping",
          "description" : "",
          "propertyOrder" : 1800,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sunIdRepoSupportedOperations" : {
          "title" : "LDAPv3 Plug-in Supported Types and Operations",
          "description" : "",
          "propertyOrder" : 1900,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sunIdRepoClass" : {
          "title" : "LDAPv3 Repository Plug-in Class Name",
          "description" : "",
          "propertyOrder" : 1700,
          "required" : true,
          "type" : "string",
          "exampleValue" : ""
        }
      }
    },
    "cachecontrol" : {
      "type" : "object",
      "title" : "Cache Control",
      "propertyOrder" : 9,
      "properties" : {
        "sun-idrepo-ldapv3-dncache-size" : {
          "title" : "DN Cache Size",
          "description" : "In DN items, only used when DN Cache is enabled.",
          "propertyOrder" : 6000,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-dncache-enabled" : {
          "title" : "DN Cache",
          "description" : "Used to enable/disable the DN Cache within the OpenAM repository implementation.<br><br>The DN Cache is used to cache DN lookups which tend to happen in bursts during authentication. The DN Cache can become out of date when a user is moved or renamed in the underlying LDAP store and this is not reflected in a persistent search result. Enable when the underlying LDAP store supports persistent search and move/rename (mod_dn) results are available.",
          "propertyOrder" : 5900,
          "required" : false,
          "type" : "boolean",
          "exampleValue" : ""
        }
      }
    },
    "persistentsearch" : {
      "type" : "object",
      "title" : "Persistent Search Controls",
      "propertyOrder" : 7,
      "properties" : {
        "sun-idrepo-ldapv3-config-psearch-filter" : {
          "title" : "Persistent Search Filter",
          "description" : "",
          "propertyOrder" : 5600,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-psearchbase" : {
          "title" : "Persistent Search Base DN",
          "description" : "",
          "propertyOrder" : 5500,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-psearch-scope" : {
          "title" : "Persistent Search Scope",
          "description" : "",
          "propertyOrder" : 5700,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        }
      }
    }
  }
}

delete

Usage

am> delete TivoliDirectoryServer --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

getAllTypes

Obtain the collection of all secondary configuration types related to the resource.

Usage

am> action TivoliDirectoryServer --realm Realm --actionName getAllTypes

getCreatableTypes

Obtain the collection of secondary configuration types that have yet to be added to the resource.

Usage

am> action TivoliDirectoryServer --realm Realm --actionName getCreatableTypes

nextdescendents

Obtain the collection of secondary configuration instances that have been added to the resource.

Usage

am> action TivoliDirectoryServer --realm Realm --actionName nextdescendents

query

Get the full list of instances of this collection. This query only supports _queryFilter=true filter.

Usage

am> query TivoliDirectoryServer --realm Realm --filter filter

Parameters

--filter

A CREST formatted query filter, where "true" will query all.

read

Usage

am> read TivoliDirectoryServer --realm Realm --id id

Parameters

--id

The unique identifier for the resource.

update

Usage

am> update TivoliDirectoryServer --realm Realm --id id --body body

Parameters

--id

The unique identifier for the resource.

--body

The resource in JSON format, described by the following JSON schema:

{
  "type" : "object",
  "properties" : {
    "groupconfig" : {
      "type" : "object",
      "title" : "Group Configuration",
      "propertyOrder" : 5,
      "properties" : {
        "sun-idrepo-ldapv3-config-group-attributes" : {
          "title" : "LDAP Groups Attributes",
          "description" : "",
          "propertyOrder" : 3400,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-dftgroupmember" : {
          "title" : "Default Group Member's User DN",
          "description" : "User automatically added when group is created.",
          "propertyOrder" : 3800,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-uniquemember" : {
          "title" : "Attribute Name of Unique Member",
          "description" : "",
          "propertyOrder" : 3600,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-group-container-name" : {
          "title" : "LDAP Groups Container Naming Attribute",
          "description" : "",
          "propertyOrder" : 3100,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-groups-search-attribute" : {
          "title" : "LDAP Groups Search Attribute",
          "description" : "",
          "propertyOrder" : 2900,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-memberof" : {
          "title" : "Attribute Name for Group Membership",
          "description" : "",
          "propertyOrder" : 3500,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-group-objectclass" : {
          "title" : "LDAP Groups Object Class",
          "description" : "",
          "propertyOrder" : 3300,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-groups-search-filter" : {
          "title" : "LDAP Groups Search Filter",
          "description" : "",
          "propertyOrder" : 3000,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-group-container-value" : {
          "title" : "LDAP Groups Container Value",
          "description" : "",
          "propertyOrder" : 3200,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        }
      }
    },
    "ldapsettings" : {
      "type" : "object",
      "title" : "Server Settings",
      "propertyOrder" : 0,
      "properties" : {
        "sun-idrepo-ldapv3-config-organization_name" : {
          "title" : "LDAP Organization DN",
          "description" : "",
          "propertyOrder" : 900,
          "required" : true,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-search-scope" : {
          "title" : "LDAPv3 Plug-in Search Scope",
          "description" : "",
          "propertyOrder" : 2000,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-authid" : {
          "title" : "LDAP Bind DN",
          "description" : "A user or admin with sufficient access rights to perform the supported operations.",
          "propertyOrder" : 700,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "openam-idrepo-ldapv3-heartbeat-interval" : {
          "title" : "LDAP Connection Heartbeat Interval",
          "description" : "Specifies how often should OpenAM send a heartbeat request to the directory.<br><br>This setting controls how often OpenAM <b>should</b> send a heartbeat search request to the configured directory. If a connection becomes unresponsive (e.g. due to a network error) then it may take up to the interval period before the problem is detected. Use along with the Heartbeat Time Unit parameter to define the exact interval. Zero or negative value will result in disabling heartbeat requests.",
          "propertyOrder" : 1300,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-max-result" : {
          "title" : "Maximum Results Returned from Search",
          "description" : "",
          "propertyOrder" : 1500,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-connection_pool_max_size" : {
          "title" : "LDAP Connection Pool Maximum Size",
          "description" : "",
          "propertyOrder" : 1200,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        },
        "openam-idrepo-ldapv3-behera-support-enabled" : {
          "title" : "Behera Support Enabled",
          "description" : "When enabled, Behera draft control will be used in the outgoing requests for operations that may modify password value. This will allow OpenAM to display password policy related error messages when password policies are not met.",
          "propertyOrder" : 6100,
          "required" : false,
          "type" : "boolean",
          "exampleValue" : ""
        },
        "openam-idrepo-ldapv3-affinity-enabled" : {
          "title" : "Affinity Enabled",
          "description" : "Enables affinity based request load balancing when accessing the user store servers (based on DN). It is imperative that the connection string setting is set to the same value for all OpenAM servers in the deployment when this feature is enabled.",
          "propertyOrder" : 6200,
          "required" : true,
          "type" : "boolean",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-ldap-server" : {
          "title" : "LDAP Server",
          "description" : "Format: LDAP server host name:port | server_ID | site_ID",
          "propertyOrder" : 600,
          "required" : true,
          "items" : {
            "type" : "string"
          },
          "minItems" : 1,
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-authpw" : {
          "title" : "LDAP Bind Password",
          "description" : "",
          "propertyOrder" : 800,
          "required" : false,
          "type" : "string",
          "format" : "password",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-connection_pool_min_size" : {
          "title" : "LDAP Connection Pool Minimum Size",
          "description" : "",
          "propertyOrder" : 1100,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-time-limit" : {
          "title" : "Search Timeout",
          "description" : "In seconds.",
          "propertyOrder" : 1600,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        },
        "openam-idrepo-ldapv3-heartbeat-timeunit" : {
          "title" : "LDAP Connection Heartbeat Time Unit",
          "description" : "Defines the time unit corresponding to the Heartbeat Interval setting.<br><br>This setting controls how often OpenAM <b>should</b> send a heartbeat search request to the configured directory. If a connection becomes unresponsive (e.g. due to a network error) then it may take up to the interval period before the problem is detected. Use along with the Heartbeat Interval parameter to define the exact interval.",
          "propertyOrder" : 1400,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-connection-mode" : {
          "title" : "LDAP Connection Mode",
          "description" : "Defines which protocol/operation is used to establish the connection to the LDAP Directory Server.<br><br>If 'LDAP' is selected, the connection <b>won't be secured</b> and passwords are transferred in <b>cleartext</b> over the network.<br/> If 'LDAPS' is selected, the connection is secured via SSL or TLS. <br/> If 'StartTLS' is selected, the connection is secured by using StartTLS extended operation.",
          "propertyOrder" : 1000,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        }
      }
    },
    "userconfig" : {
      "type" : "object",
      "title" : "User Configuration",
      "propertyOrder" : 3,
      "properties" : {
        "sun-idrepo-ldapv3-config-users-search-filter" : {
          "title" : "LDAP Users  Search Filter",
          "description" : "",
          "propertyOrder" : 2200,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-createuser-attr-mapping" : {
          "title" : "Create User Attribute Mapping",
          "description" : "Format: attribute name or TargetAttributeName=SourceAttributeName",
          "propertyOrder" : 2500,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-user-attributes" : {
          "title" : "LDAP User Attributes",
          "description" : "",
          "propertyOrder" : 2400,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-people-container-name" : {
          "title" : "LDAP People Container Naming Attribute",
          "description" : "",
          "propertyOrder" : 5000,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-auth-kba-attr" : {
          "title" : "Knowledge Based Authentication Attribute Name",
          "description" : "",
          "propertyOrder" : 5300,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-auth-kba-attempts-attr" : {
          "title" : "Knowledge Based Authentication Attempts Attribute Name",
          "description" : "",
          "propertyOrder" : 5340,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-isactive" : {
          "title" : "Attribute Name of User Status",
          "description" : "",
          "propertyOrder" : 2600,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-user-objectclass" : {
          "title" : "LDAP User Object Class",
          "description" : "",
          "propertyOrder" : 2300,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-auth-kba-index-attr" : {
          "title" : "Knowledge Based Authentication Active Index",
          "description" : "",
          "propertyOrder" : 5400,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-active" : {
          "title" : "User Status Active Value",
          "description" : "",
          "propertyOrder" : 2700,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-people-container-value" : {
          "title" : "LDAP People Container Value",
          "description" : "",
          "propertyOrder" : 5100,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-users-search-attribute" : {
          "title" : "LDAP Users  Search Attribute",
          "description" : "",
          "propertyOrder" : 2100,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-inactive" : {
          "title" : "User Status Inactive Value",
          "description" : "",
          "propertyOrder" : 2800,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        }
      }
    },
    "errorhandling" : {
      "type" : "object",
      "title" : "Error Handling Configuration",
      "propertyOrder" : 8,
      "properties" : {
        "com.iplanet.am.ldap.connection.delay.between.retries" : {
          "title" : "The Delay Time Between Retries",
          "description" : "In milliseconds.",
          "propertyOrder" : 5800,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        }
      }
    },
    "authentication" : {
      "type" : "object",
      "title" : "Authentication Configuration",
      "propertyOrder" : 4,
      "properties" : {
        "sun-idrepo-ldapv3-config-auth-naming-attr" : {
          "title" : "Authentication Naming Attribute",
          "description" : "",
          "propertyOrder" : 5200,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        }
      }
    },
    "pluginconfig" : {
      "type" : "object",
      "title" : "Plug-in Configuration",
      "propertyOrder" : 2,
      "properties" : {
        "sunIdRepoAttributeMapping" : {
          "title" : "Attribute Name Mapping",
          "description" : "",
          "propertyOrder" : 1800,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sunIdRepoSupportedOperations" : {
          "title" : "LDAPv3 Plug-in Supported Types and Operations",
          "description" : "",
          "propertyOrder" : 1900,
          "required" : false,
          "items" : {
            "type" : "string"
          },
          "type" : "array",
          "exampleValue" : ""
        },
        "sunIdRepoClass" : {
          "title" : "LDAPv3 Repository Plug-in Class Name",
          "description" : "",
          "propertyOrder" : 1700,
          "required" : true,
          "type" : "string",
          "exampleValue" : ""
        }
      }
    },
    "cachecontrol" : {
      "type" : "object",
      "title" : "Cache Control",
      "propertyOrder" : 9,
      "properties" : {
        "sun-idrepo-ldapv3-dncache-size" : {
          "title" : "DN Cache Size",
          "description" : "In DN items, only used when DN Cache is enabled.",
          "propertyOrder" : 6000,
          "required" : false,
          "type" : "integer",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-dncache-enabled" : {
          "title" : "DN Cache",
          "description" : "Used to enable/disable the DN Cache within the OpenAM repository implementation.<br><br>The DN Cache is used to cache DN lookups which tend to happen in bursts during authentication. The DN Cache can become out of date when a user is moved or renamed in the underlying LDAP store and this is not reflected in a persistent search result. Enable when the underlying LDAP store supports persistent search and move/rename (mod_dn) results are available.",
          "propertyOrder" : 5900,
          "required" : false,
          "type" : "boolean",
          "exampleValue" : ""
        }
      }
    },
    "persistentsearch" : {
      "type" : "object",
      "title" : "Persistent Search Controls",
      "propertyOrder" : 7,
      "properties" : {
        "sun-idrepo-ldapv3-config-psearch-filter" : {
          "title" : "Persistent Search Filter",
          "description" : "",
          "propertyOrder" : 5600,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-psearchbase" : {
          "title" : "Persistent Search Base DN",
          "description" : "",
          "propertyOrder" : 5500,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        },
        "sun-idrepo-ldapv3-config-psearch-scope" : {
          "title" : "Persistent Search Scope",
          "description" : "",
          "propertyOrder" : 5700,
          "required" : false,
          "type" : "string",
          "exampleValue" : ""
        }
      }
    }
  }
}