netscaler.adc.aaaldapparams module – Configuration for LDAP parameter resource.

Note

This module is part of the netscaler.adc collection (version 2.6.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netscaler.adc.

To use it in a playbook, specify: netscaler.adc.aaaldapparams.

New in netscaler.adc 2.0.0

Synopsis

  • Configuration for LDAP parameter resource.

Parameters

Parameter

Comments

api_path

string

Base NITRO API path.

Define only in case of an ADM service proxy call

Default: "nitro/v1/config"

authtimeout

any

Maximum number of seconds that the Citrix ADC waits for a response from the LDAP server.

defaultauthenticationgroup

any

This is the default group that is chosen when the authentication succeeds in addition to extracted groups.

groupattrname

any

Attribute name used for group extraction from the LDAP server.

groupnameidentifier

any

LDAP-group attribute that uniquely identifies the group. No two groups on one LDAP server can have the same group name identifier.

groupsearchattribute

any

LDAP-group attribute that designates the parent group of the specified group. Use this attribute to search for a group’s parent group.

groupsearchfilter

any

Search-expression that can be specified for sending group-search requests to the LDAP server.

groupsearchsubattribute

any

LDAP-group subattribute that designates the parent group of the specified group. Use this attribute to search for a group’s parent group.

ldapbase

any

Base (the server and location) from which LDAP search commands should start.

If the LDAP server is running locally, the default value of base is dc=netscaler, dc=com.

ldapbinddn

any

Complete distinguished name (DN) string used for binding to the LDAP server.

ldapbinddnpassword

any

Password for binding to the LDAP server.

ldaploginname

any

Name attribute that the Citrix ADC uses to query the external LDAP server or an Active Directory.

managed_netscaler_instance_id

string

added in netscaler.adc 2.6.0

The ID of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_ip

string

added in netscaler.adc 2.6.0

The IP of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_name

string

added in netscaler.adc 2.6.0

The name of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_password

string

added in netscaler.adc 2.6.0

The password of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

managed_netscaler_instance_username

string

added in netscaler.adc 2.6.0

The username of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

maxnestinglevel

any

Number of levels up to which the system can query nested LDAP groups.

nestedgroupextraction

any

Queries the external LDAP server to determine whether the specified group belongs to another group.

Choices:

  • "ON"

  • "OFF"

netscaler_console_as_proxy_server

boolean

added in netscaler.adc 2.6.0

The IP address of the NetScaler ADC appliance acting as a proxy server.

Define only in case of an ADM service proxy call

Choices:

  • false ← (default)

  • true

nitro_auth_token

string

The authentication token provided by a login operation.

nitro_pass

string

The password with which to authenticate to the NetScaler ADC node.

nitro_protocol

string

Which protocol to use when accessing the nitro API objects.

Choices:

  • "http"

  • "https" ← (default)

nitro_user

string

The username with which to authenticate to the NetScaler ADC node.

nsip

string / required

The ip address of the NetScaler ADC appliance where the nitro API calls will be made.

The port can be specified with the colon (:). E.g. 192.168.1.1:555.

passwdchange

any

Accept password change requests.

Choices:

  • "ENABLED"

  • "DISABLED"

save_config

boolean

If true the module will save the configuration on the NetScaler ADC node if it makes any changes.

The module will not save the configuration on the NetScaler ADC node if it made no changes.

Choices:

  • false ← (default)

  • true

searchfilter

any

String to be combined with the default LDAP user search string to form the value to use when executing an LDAP search.

For example, the following values:

vpnallowed=true,

ldaploginame=””samaccount””

when combined with the user-supplied username “”bob””, yield the following LDAP search string:

“”(&(vpnallowed=true)(samaccount=bob)””

sectype

any

Type of security used for communications between the Citrix ADC and the LDAP server. For the PLAINTEXT setting, no encryption is required.

Choices:

  • "PLAINTEXT"

  • "TLS"

  • "SSL"

serverip

any

IP address of your LDAP server.

serverport

any

Port number on which the LDAP server listens for connections.

ssonameattribute

any

Attribute used by the Citrix ADC to query an external LDAP server or Active Directory for an alternative username.

This alternative username is then used for single sign-on (SSO).

state

string

The state of the resource being configured by the module on the NetScaler ADC node.

When present, the resource will be added/updated configured according to the module’s parameters.

When unset, the resource will be unset on the NetScaler ADC node.

Choices:

  • "present" ← (default)

  • "unset"

subattributename

any

Subattribute name used for group extraction from the LDAP server.

svrtype

any

The type of LDAP server.

Choices:

  • "AD"

  • "NDS"

validate_certs

boolean

If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

Notes

Note

Examples

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

changed

boolean

Indicates if any change is made by the module

Returned: always

Sample: true

diff

dictionary

Dictionary of before and after changes

Returned: always

Sample: {"after": {"key2": "pqr"}, "before": {"key1": "xyz"}, "prepared": "changes done"}

diff_list

list / elements=string

List of differences between the actual configured object and the configuration specified in the module

Returned: when changed

Sample: ["Attribute `key1` differs. Desired: (<class 'str'>) XYZ. Existing: (<class 'str'>) PQR"]

failed

boolean

Indicates if the module failed or not

Returned: always

Sample: false

loglines

list / elements=string

list of logged messages by the module

Returned: always

Sample: ["message 1", "message 2"]

Authors

  • Sumanth Lingappa (@sumanth-lingappa)