Module parameters

This section includes the main parameters for the ADResetClient module.

Note that all operations regarding passwords in Active Directory requires secure connections (LDAPS).

Name

Description

Default

Mandatory

name

Destination name. Unique identifier for a specific configuration/connection/service. This value must be unique for all ldapclient configurations.

"default"

instances

Number of instances to deploy.

1

connection

{
  "name": "ADResetClient",
  "instances": 1,
  "config": {
    "name" : "my_client_instance",
    "connection" : {
      "host" : "127.0.0.1",
      "port" : 636,
      "bind_dn" : "CN=admin,CN=Users,DC=company,DC=local",
      "bind_password" : "password",
      "use_ssl" : true,
      "ssl_trust_all": true
    }
  }
}

Connection

Name

Description

Default

Mandatory

host

Hostname or Ip-address to LDAP directory service.

port

Listen port of LDAP directory service.

bind_dn

DN of user/account used to connect to LDAP service.

bind_password

Password of user/account used to connect to LDAP service.

connect_timeout_ms

Specifies the maximum length of time in milliseconds that a connection attempt should be allowed to continue before giving up. A value of zero indicates that there should be no connect timeout.

10000

response_timeout_ms

Specifies the maximum length of time in milliseconds that an operation should be allowed to block while waiting for a response from the server. A value of zero indicates that there should be no timeout.

2000

abandon_on_timeout

Specifies whether the LDAP client should attempt to abandon any request for which no response is received in the maximum response timeout period.

true

follow_referrals

Specifies whether associated connections should attempt to follow any referrals that they encounter, using the referral connector for the associated connection.

false

use_keep_alive

Specifies whether to use the SO_KEEPALIVE option for the underlying sockets used by associated connections.

false

use_linger

Specifies whether to use the SO_LINGER option for the underlying sockets used by associated connections.

false

linger_timeout_secs

SO_LINGER timeout in seconds.

30

use_schema

Specifies whether to try to use schema information when reading data from the server (e.g., to select the appropriate matching rules for the attributes included in a search result entry).

true

use_ssl

Specifies if SSL/TLS should be used or not.

true

ssl_trust_all

Turns on/off trust validation for SSL/TLS connections.

false

ssl_truststore_path

Path to custom SSL truststore. If not specified, the default Java truststore will be used.

ssl_truststore_password

Custom truststore password

ssl_truststore_validate_time

Turns on/off peer certificate validity check.

true

"connection" : {
      "host" : "127.0.0.1",
      "port" : 636,
      "bind_dn" : "CN=admin,CN=Users,DC=company,DC=local",
      "bind_password" : "password",
      "use_ssl" : true,
      "ssl_trust_all": true
    }