nsxt 3.8.1, Apr 30 25

nsxt 3.8.1 published on Wednesday, Apr 30, 2025 by vmware

nsxt.PolicyLdapIdentitySource

Explore with Pulumi AI

nsxt 3.8.1 published on Wednesday, Apr 30, 2025 by vmware

Create PolicyLdapIdentitySource Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new PolicyLdapIdentitySource(name: string, args: PolicyLdapIdentitySourceArgs, opts?: CustomResourceOptions);

@overload
def PolicyLdapIdentitySource(resource_name: str,
                             args: PolicyLdapIdentitySourceArgs,
                             opts: Optional[ResourceOptions] = None)

@overload
def PolicyLdapIdentitySource(resource_name: str,
                             opts: Optional[ResourceOptions] = None,
                             base_dn: Optional[str] = None,
                             domain_name: Optional[str] = None,
                             ldap_server: Optional[PolicyLdapIdentitySourceLdapServerArgs] = None,
                             nsx_id: Optional[str] = None,
                             type: Optional[str] = None,
                             alternative_domain_names: Optional[Sequence[str]] = None,
                             description: Optional[str] = None,
                             policy_ldap_identity_source_id: Optional[str] = None,
                             tags: Optional[Sequence[PolicyLdapIdentitySourceTagArgs]] = None)

func NewPolicyLdapIdentitySource(ctx *Context, name string, args PolicyLdapIdentitySourceArgs, opts ...ResourceOption) (*PolicyLdapIdentitySource, error)

public PolicyLdapIdentitySource(string name, PolicyLdapIdentitySourceArgs args, CustomResourceOptions? opts = null)

public PolicyLdapIdentitySource(String name, PolicyLdapIdentitySourceArgs args)
public PolicyLdapIdentitySource(String name, PolicyLdapIdentitySourceArgs args, CustomResourceOptions options)

type: nsxt:PolicyLdapIdentitySource
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args PolicyLdapIdentitySourceArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args PolicyLdapIdentitySourceArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args PolicyLdapIdentitySourceArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args PolicyLdapIdentitySourceArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args PolicyLdapIdentitySourceArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var policyLdapIdentitySourceResource = new Nsxt.PolicyLdapIdentitySource("policyLdapIdentitySourceResource", new()
{
    BaseDn = "string",
    DomainName = "string",
    LdapServer = new Nsxt.Inputs.PolicyLdapIdentitySourceLdapServerArgs
    {
        Url = "string",
        BindIdentity = "string",
        Certificates = new[]
        {
            "string",
        },
        Enabled = false,
        Password = "string",
        UseStarttls = false,
    },
    NsxId = "string",
    Type = "string",
    AlternativeDomainNames = new[]
    {
        "string",
    },
    Description = "string",
    PolicyLdapIdentitySourceId = "string",
    Tags = new[]
    {
        new Nsxt.Inputs.PolicyLdapIdentitySourceTagArgs
        {
            Scope = "string",
            Tag = "string",
        },
    },
});

example, err := nsxt.NewPolicyLdapIdentitySource(ctx, "policyLdapIdentitySourceResource", &nsxt.PolicyLdapIdentitySourceArgs{
	BaseDn:     pulumi.String("string"),
	DomainName: pulumi.String("string"),
	LdapServer: &nsxt.PolicyLdapIdentitySourceLdapServerArgs{
		Url:          pulumi.String("string"),
		BindIdentity: pulumi.String("string"),
		Certificates: pulumi.StringArray{
			pulumi.String("string"),
		},
		Enabled:     pulumi.Bool(false),
		Password:    pulumi.String("string"),
		UseStarttls: pulumi.Bool(false),
	},
	NsxId: pulumi.String("string"),
	Type:  pulumi.String("string"),
	AlternativeDomainNames: pulumi.StringArray{
		pulumi.String("string"),
	},
	Description:                pulumi.String("string"),
	PolicyLdapIdentitySourceId: pulumi.String("string"),
	Tags: nsxt.PolicyLdapIdentitySourceTagArray{
		&nsxt.PolicyLdapIdentitySourceTagArgs{
			Scope: pulumi.String("string"),
			Tag:   pulumi.String("string"),
		},
	},
})

var policyLdapIdentitySourceResource = new PolicyLdapIdentitySource("policyLdapIdentitySourceResource", PolicyLdapIdentitySourceArgs.builder()
    .baseDn("string")
    .domainName("string")
    .ldapServer(PolicyLdapIdentitySourceLdapServerArgs.builder()
        .url("string")
        .bindIdentity("string")
        .certificates("string")
        .enabled(false)
        .password("string")
        .useStarttls(false)
        .build())
    .nsxId("string")
    .type("string")
    .alternativeDomainNames("string")
    .description("string")
    .policyLdapIdentitySourceId("string")
    .tags(PolicyLdapIdentitySourceTagArgs.builder()
        .scope("string")
        .tag("string")
        .build())
    .build());

policy_ldap_identity_source_resource = nsxt.PolicyLdapIdentitySource("policyLdapIdentitySourceResource",
    base_dn="string",
    domain_name="string",
    ldap_server={
        "url": "string",
        "bind_identity": "string",
        "certificates": ["string"],
        "enabled": False,
        "password": "string",
        "use_starttls": False,
    },
    nsx_id="string",
    type="string",
    alternative_domain_names=["string"],
    description="string",
    policy_ldap_identity_source_id="string",
    tags=[{
        "scope": "string",
        "tag": "string",
    }])

const policyLdapIdentitySourceResource = new nsxt.PolicyLdapIdentitySource("policyLdapIdentitySourceResource", {
    baseDn: "string",
    domainName: "string",
    ldapServer: {
        url: "string",
        bindIdentity: "string",
        certificates: ["string"],
        enabled: false,
        password: "string",
        useStarttls: false,
    },
    nsxId: "string",
    type: "string",
    alternativeDomainNames: ["string"],
    description: "string",
    policyLdapIdentitySourceId: "string",
    tags: [{
        scope: "string",
        tag: "string",
    }],
});

type: nsxt:PolicyLdapIdentitySource
properties:
    alternativeDomainNames:
        - string
    baseDn: string
    description: string
    domainName: string
    ldapServer:
        bindIdentity: string
        certificates:
            - string
        enabled: false
        password: string
        url: string
        useStarttls: false
    nsxId: string
    policyLdapIdentitySourceId: string
    tags:
        - scope: string
          tag: string
    type: string

PolicyLdapIdentitySource Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The PolicyLdapIdentitySource resource accepts the following input properties:

BaseDn string: DN of subtree for user and group searches.
DomainName string: Authentication domain name. This is the name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use.
LdapServer PolicyLdapIdentitySourceLdapServer: List of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.
NsxId string: The NSX ID of this resource.
Type string: Indicates the type of the LDAP identity source. Valid values are ActiveDirectory, OpenLdap.
AlternativeDomainNames List<string>: Additional domains to be directed to this identity source. After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.
Description string: Description of the resource.
PolicyLdapIdentitySourceId string: ID of the resource.
Tags List<PolicyLdapIdentitySourceTag>: A list of scope + tag pairs to associate with this resource.

BaseDn string: DN of subtree for user and group searches.
DomainName string: Authentication domain name. This is the name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use.
LdapServer PolicyLdapIdentitySourceLdapServerArgs: List of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.
NsxId string: The NSX ID of this resource.
Type string: Indicates the type of the LDAP identity source. Valid values are ActiveDirectory, OpenLdap.
AlternativeDomainNames []string: Additional domains to be directed to this identity source. After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.
Description string: Description of the resource.
PolicyLdapIdentitySourceId string: ID of the resource.
Tags []PolicyLdapIdentitySourceTagArgs: A list of scope + tag pairs to associate with this resource.

baseDn String: DN of subtree for user and group searches.
domainName String: Authentication domain name. This is the name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use.
ldapServer PolicyLdapIdentitySourceLdapServer: List of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.
nsxId String: The NSX ID of this resource.
type String: Indicates the type of the LDAP identity source. Valid values are ActiveDirectory, OpenLdap.
alternativeDomainNames List<String>: Additional domains to be directed to this identity source. After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.
description String: Description of the resource.
policyLdapIdentitySourceId String: ID of the resource.
tags List<PolicyLdapIdentitySourceTag>: A list of scope + tag pairs to associate with this resource.

baseDn string: DN of subtree for user and group searches.
domainName string: Authentication domain name. This is the name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use.
ldapServer PolicyLdapIdentitySourceLdapServer: List of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.
nsxId string: The NSX ID of this resource.
type string: Indicates the type of the LDAP identity source. Valid values are ActiveDirectory, OpenLdap.
alternativeDomainNames string[]: Additional domains to be directed to this identity source. After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.
description string: Description of the resource.
policyLdapIdentitySourceId string: ID of the resource.
tags PolicyLdapIdentitySourceTag[]: A list of scope + tag pairs to associate with this resource.

base_dn str: DN of subtree for user and group searches.
domain_name str: Authentication domain name. This is the name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use.
ldap_server PolicyLdapIdentitySourceLdapServerArgs: List of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.
nsx_id str: The NSX ID of this resource.
type str: Indicates the type of the LDAP identity source. Valid values are ActiveDirectory, OpenLdap.
alternative_domain_names Sequence[str]: Additional domains to be directed to this identity source. After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.
description str: Description of the resource.
policy_ldap_identity_source_id str: ID of the resource.
tags Sequence[PolicyLdapIdentitySourceTagArgs]: A list of scope + tag pairs to associate with this resource.

baseDn String: DN of subtree for user and group searches.
domainName String: Authentication domain name. This is the name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use.
ldapServer Property Map: List of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.
nsxId String: The NSX ID of this resource.
type String: Indicates the type of the LDAP identity source. Valid values are ActiveDirectory, OpenLdap.
alternativeDomainNames List<String>: Additional domains to be directed to this identity source. After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.
description String: Description of the resource.
policyLdapIdentitySourceId String: ID of the resource.
tags List<Property Map>: A list of scope + tag pairs to associate with this resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the PolicyLdapIdentitySource resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
Revision double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

Id string: The provider-assigned unique ID for this managed resource.
Revision float64: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id String: The provider-assigned unique ID for this managed resource.
revision Double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id string: The provider-assigned unique ID for this managed resource.
revision number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id str: The provider-assigned unique ID for this managed resource.
revision float: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

id String: The provider-assigned unique ID for this managed resource.
revision Number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.

Look up Existing PolicyLdapIdentitySource Resource

Get an existing PolicyLdapIdentitySource resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PolicyLdapIdentitySourceState, opts?: CustomResourceOptions): PolicyLdapIdentitySource

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        alternative_domain_names: Optional[Sequence[str]] = None,
        base_dn: Optional[str] = None,
        description: Optional[str] = None,
        domain_name: Optional[str] = None,
        ldap_server: Optional[PolicyLdapIdentitySourceLdapServerArgs] = None,
        nsx_id: Optional[str] = None,
        policy_ldap_identity_source_id: Optional[str] = None,
        revision: Optional[float] = None,
        tags: Optional[Sequence[PolicyLdapIdentitySourceTagArgs]] = None,
        type: Optional[str] = None) -> PolicyLdapIdentitySource

func GetPolicyLdapIdentitySource(ctx *Context, name string, id IDInput, state *PolicyLdapIdentitySourceState, opts ...ResourceOption) (*PolicyLdapIdentitySource, error)

public static PolicyLdapIdentitySource Get(string name, Input<string> id, PolicyLdapIdentitySourceState? state, CustomResourceOptions? opts = null)

public static PolicyLdapIdentitySource get(String name, Output<String> id, PolicyLdapIdentitySourceState state, CustomResourceOptions options)

resources:  _:    type: nsxt:PolicyLdapIdentitySource    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AlternativeDomainNames List<string>: Additional domains to be directed to this identity source. After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.
BaseDn string: DN of subtree for user and group searches.
Description string: Description of the resource.
DomainName string: Authentication domain name. This is the name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use.
LdapServer PolicyLdapIdentitySourceLdapServer: List of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.
NsxId string: The NSX ID of this resource.
PolicyLdapIdentitySourceId string: ID of the resource.
Revision double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
Tags List<PolicyLdapIdentitySourceTag>: A list of scope + tag pairs to associate with this resource.
Type string: Indicates the type of the LDAP identity source. Valid values are ActiveDirectory, OpenLdap.

AlternativeDomainNames []string: Additional domains to be directed to this identity source. After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.
BaseDn string: DN of subtree for user and group searches.
Description string: Description of the resource.
DomainName string: Authentication domain name. This is the name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use.
LdapServer PolicyLdapIdentitySourceLdapServerArgs: List of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.
NsxId string: The NSX ID of this resource.
PolicyLdapIdentitySourceId string: ID of the resource.
Revision float64: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
Tags []PolicyLdapIdentitySourceTagArgs: A list of scope + tag pairs to associate with this resource.
Type string: Indicates the type of the LDAP identity source. Valid values are ActiveDirectory, OpenLdap.

alternativeDomainNames List<String>: Additional domains to be directed to this identity source. After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.
baseDn String: DN of subtree for user and group searches.
description String: Description of the resource.
domainName String: Authentication domain name. This is the name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use.
ldapServer PolicyLdapIdentitySourceLdapServer: List of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.
nsxId String: The NSX ID of this resource.
policyLdapIdentitySourceId String: ID of the resource.
revision Double: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
tags List<PolicyLdapIdentitySourceTag>: A list of scope + tag pairs to associate with this resource.
type String: Indicates the type of the LDAP identity source. Valid values are ActiveDirectory, OpenLdap.

alternativeDomainNames string[]: Additional domains to be directed to this identity source. After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.
baseDn string: DN of subtree for user and group searches.
description string: Description of the resource.
domainName string: Authentication domain name. This is the name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use.
ldapServer PolicyLdapIdentitySourceLdapServer: List of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.
nsxId string: The NSX ID of this resource.
policyLdapIdentitySourceId string: ID of the resource.
revision number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
tags PolicyLdapIdentitySourceTag[]: A list of scope + tag pairs to associate with this resource.
type string: Indicates the type of the LDAP identity source. Valid values are ActiveDirectory, OpenLdap.

alternative_domain_names Sequence[str]: Additional domains to be directed to this identity source. After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.
base_dn str: DN of subtree for user and group searches.
description str: Description of the resource.
domain_name str: Authentication domain name. This is the name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use.
ldap_server PolicyLdapIdentitySourceLdapServerArgs: List of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.
nsx_id str: The NSX ID of this resource.
policy_ldap_identity_source_id str: ID of the resource.
revision float: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
tags Sequence[PolicyLdapIdentitySourceTagArgs]: A list of scope + tag pairs to associate with this resource.
type str: Indicates the type of the LDAP identity source. Valid values are ActiveDirectory, OpenLdap.

alternativeDomainNames List<String>: Additional domains to be directed to this identity source. After parsing the "user@domain", the domain portion is used to select the LDAP identity source to use. Additional domains listed here will also be directed to this LDAP identity source. In Active Directory these are sometimes referred to as Alternative UPN Suffixes.
baseDn String: DN of subtree for user and group searches.
description String: Description of the resource.
domainName String: Authentication domain name. This is the name of the authentication domain. When users log into NSX using an identity of the form "user@domain", NSX uses the domain portion to determine which LDAP identity source to use.
ldapServer Property Map: List of LDAP servers that provide LDAP service for this identity source. Currently, only one LDAP server is supported.
nsxId String: The NSX ID of this resource.
policyLdapIdentitySourceId String: ID of the resource.
revision Number: Indicates current revision number of the object as seen by NSX-T API server. This attribute can be useful for debugging.
tags List<Property Map>: A list of scope + tag pairs to associate with this resource.
type String: Indicates the type of the LDAP identity source. Valid values are ActiveDirectory, OpenLdap.

Supporting Types

PolicyLdapIdentitySourceLdapServer, PolicyLdapIdentitySourceLdapServerArgs

Url string: The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme.
BindIdentity string: Username or DN for LDAP authentication.This user should have privileges to search the LDAP directory for groups and users. This user is also used in some cases (OpenLDAP) to look up an NSX user's distinguished name based on their NSX login name. If omitted, NSX will authenticate to the LDAP server using an LDAP anonymous bind operation. For Active Directory, provide a userPrincipalName (e.g. administrator@airius.com) or the full distinguished nane. For OpenLDAP, provide the distinguished name of the user (e.g. uid=admin, cn=airius, dc=com).
Certificates List<string>: TLS certificate(s) for LDAP server(s). If using LDAPS or STARTTLS, provide the X.509 certificate of the LDAP server in PEM format. This property is not required when connecting without TLS encryption and is ignored in that case.
Enabled bool: Allows the LDAP server to be enabled or disabled. When disabled, this LDAP server will not be used to authenticate users. Default value is ture.
Password string: A password used when authenticating to the directory.
UseStarttls bool: If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS.

Url string: The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme.
BindIdentity string: Username or DN for LDAP authentication.This user should have privileges to search the LDAP directory for groups and users. This user is also used in some cases (OpenLDAP) to look up an NSX user's distinguished name based on their NSX login name. If omitted, NSX will authenticate to the LDAP server using an LDAP anonymous bind operation. For Active Directory, provide a userPrincipalName (e.g. administrator@airius.com) or the full distinguished nane. For OpenLDAP, provide the distinguished name of the user (e.g. uid=admin, cn=airius, dc=com).
Certificates []string: TLS certificate(s) for LDAP server(s). If using LDAPS or STARTTLS, provide the X.509 certificate of the LDAP server in PEM format. This property is not required when connecting without TLS encryption and is ignored in that case.
Enabled bool: Allows the LDAP server to be enabled or disabled. When disabled, this LDAP server will not be used to authenticate users. Default value is ture.
Password string: A password used when authenticating to the directory.
UseStarttls bool: If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS.

url String: The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme.
bindIdentity String: Username or DN for LDAP authentication.This user should have privileges to search the LDAP directory for groups and users. This user is also used in some cases (OpenLDAP) to look up an NSX user's distinguished name based on their NSX login name. If omitted, NSX will authenticate to the LDAP server using an LDAP anonymous bind operation. For Active Directory, provide a userPrincipalName (e.g. administrator@airius.com) or the full distinguished nane. For OpenLDAP, provide the distinguished name of the user (e.g. uid=admin, cn=airius, dc=com).
certificates List<String>: TLS certificate(s) for LDAP server(s). If using LDAPS or STARTTLS, provide the X.509 certificate of the LDAP server in PEM format. This property is not required when connecting without TLS encryption and is ignored in that case.
enabled Boolean: Allows the LDAP server to be enabled or disabled. When disabled, this LDAP server will not be used to authenticate users. Default value is ture.
password String: A password used when authenticating to the directory.
useStarttls Boolean: If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS.

url string: The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme.
bindIdentity string: Username or DN for LDAP authentication.This user should have privileges to search the LDAP directory for groups and users. This user is also used in some cases (OpenLDAP) to look up an NSX user's distinguished name based on their NSX login name. If omitted, NSX will authenticate to the LDAP server using an LDAP anonymous bind operation. For Active Directory, provide a userPrincipalName (e.g. administrator@airius.com) or the full distinguished nane. For OpenLDAP, provide the distinguished name of the user (e.g. uid=admin, cn=airius, dc=com).
certificates string[]: TLS certificate(s) for LDAP server(s). If using LDAPS or STARTTLS, provide the X.509 certificate of the LDAP server in PEM format. This property is not required when connecting without TLS encryption and is ignored in that case.
enabled boolean: Allows the LDAP server to be enabled or disabled. When disabled, this LDAP server will not be used to authenticate users. Default value is ture.
password string: A password used when authenticating to the directory.
useStarttls boolean: If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS.

url str: The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme.
bind_identity str: Username or DN for LDAP authentication.This user should have privileges to search the LDAP directory for groups and users. This user is also used in some cases (OpenLDAP) to look up an NSX user's distinguished name based on their NSX login name. If omitted, NSX will authenticate to the LDAP server using an LDAP anonymous bind operation. For Active Directory, provide a userPrincipalName (e.g. administrator@airius.com) or the full distinguished nane. For OpenLDAP, provide the distinguished name of the user (e.g. uid=admin, cn=airius, dc=com).
certificates Sequence[str]: TLS certificate(s) for LDAP server(s). If using LDAPS or STARTTLS, provide the X.509 certificate of the LDAP server in PEM format. This property is not required when connecting without TLS encryption and is ignored in that case.
enabled bool: Allows the LDAP server to be enabled or disabled. When disabled, this LDAP server will not be used to authenticate users. Default value is ture.
password str: A password used when authenticating to the directory.
use_starttls bool: If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS.

url String: The URL for the LDAP server. Supported URL schemes are LDAP and LDAPS. Either a hostname or an IP address may be given, and the port number is optional and defaults to 389 for the LDAP scheme and 636 for the LDAPS scheme.
bindIdentity String: Username or DN for LDAP authentication.This user should have privileges to search the LDAP directory for groups and users. This user is also used in some cases (OpenLDAP) to look up an NSX user's distinguished name based on their NSX login name. If omitted, NSX will authenticate to the LDAP server using an LDAP anonymous bind operation. For Active Directory, provide a userPrincipalName (e.g. administrator@airius.com) or the full distinguished nane. For OpenLDAP, provide the distinguished name of the user (e.g. uid=admin, cn=airius, dc=com).
certificates List<String>: TLS certificate(s) for LDAP server(s). If using LDAPS or STARTTLS, provide the X.509 certificate of the LDAP server in PEM format. This property is not required when connecting without TLS encryption and is ignored in that case.
enabled Boolean: Allows the LDAP server to be enabled or disabled. When disabled, this LDAP server will not be used to authenticate users. Default value is ture.
password String: A password used when authenticating to the directory.
useStarttls Boolean: If set to true, Use the StartTLS extended operation to upgrade the connection to TLS before sending any sensitive information. The LDAP server must support the StartTLS extended operation in order for this protocol to operate correctly. This option is ignored if the URL scheme is LDAPS.

PolicyLdapIdentitySourceTag, PolicyLdapIdentitySourceTagArgs

Scope string
Tag string: A list of scope + tag pairs to associate with this resource.

Scope string
Tag string: A list of scope + tag pairs to associate with this resource.

scope String
tag String: A list of scope + tag pairs to associate with this resource.

scope string
tag string: A list of scope + tag pairs to associate with this resource.

scope str
tag str: A list of scope + tag pairs to associate with this resource.

scope String
tag String: A list of scope + tag pairs to associate with this resource.

Package Details

Repository: nsxt vmware/terraform-provider-nsxt
License
Notes: This Pulumi package is based on the nsxt Terraform Provider.

nsxt 3.8.1 published on Wednesday, Apr 30, 2025 by vmware

vmware/terraform-provider-nsxt

nsxt.PolicyLdapIdentitySource

On this page

On this page

Create PolicyLdapIdentitySource Resource

Constructor syntax

Parameters

Constructor example

PolicyLdapIdentitySource Resource Properties

Inputs

Outputs

Look up Existing PolicyLdapIdentitySource Resource

Supporting Types

PolicyLdapIdentitySourceLdapServer, PolicyLdapIdentitySourceLdapServerArgs

PolicyLdapIdentitySourceTag, PolicyLdapIdentitySourceTagArgs

Package Details

On this page

On this page