On This Page
Configure LDAP Vendor Attributes for SecureTrack
The configure_ldap_vendor_configuration
script (located in /opt/tufin/securitysuite/scripts/)
is used to configure the LDAP vendor attributes.
You can:
- Create a new vendor and add the relevant attributes.
- Customize the attributes for an existing LDAP vendor.
You can create a shell file with a list of commands, where each command configures a different attribute. Sample script files to create custom LDAPs can be found in: /opt/tufin/share/docs/examples/ldap_vendors/
Syntax
The add_or_update
action:
- Creates the specified vendor if it does not exist and adds the specified attribute.
- Creates the specified attribute for an existing vendor.
-
Updates a value for an existing vendor.
configure_ldap_vendor_configuration.sh --action add_or_update --vendor '<vendor_name>' --attr_objective '<attr_objective>' --attr_name '<attr_name>' --attr_type '<attr_type>'
Supported arguments
|
|
|
The vendor name that is displayed in SecureTrack: Settings > Configuration > External Authentication > LDAP Authentication > Server Type |
|
An attribute from the list of LDAP server attributes |
|
The name of the LDAP server field that corresponds to the attr_objective |
|
Supported attribute types:
|
Sample code
-
For the Active Directory vendor, update the mail attribute name to the string "mail":
configure_ldap_vendor_configuration.sh --action add_or_update --vendor 'Active Directory' --attr_objective 'mailAttributeName' --attr_name 'mail' --attr_type 'string'