ActiveVsanDirectoryServerConfig

The Active Directory server configuration which can be used to communicate and authenticate with a Microsoft Active Directory server.

This structure may be used only with operations rendered under /vsan.

AllOf
This class requires all of the following:
JSON Example
{
    "_typeName": "string",
    "activeDirectoryDomainName": "string",
    "username": "string",
    "password": "string",
    "organizationalUnit": "string",
    "preferredADServers": [
        "string"
    ]
}
string
activeDirectoryDomainName
Optional

Microsoft Active Directory Domain name which will be used for authentication for Kerberos based NFS share and SMB shares.

The active directory domain name should be of the form 'example.com'.

string
username
Optional

Username that is used to connect and configure the directory service.

This user is required to have sufficient privileges in the provided Organizational Unit to:

  • Create and delete Computer Objects.
  • Read and Write ms-DS-PrincipleName.
  • Read and Write uPNSuffixes.

string As password
password
Optional

Password for the domain user.

string
organizationalUnit
Optional

Active Directory's Organizational Unit.

This is where all file server computer objects will be created. If it is not specified when creating the File Service Domain, the default Computers OU is used. We recommend pre-creating an OU in Active Directory rather than using the default Computers OU. The best way to get your OU name right is to follow the naming conventions described at: https://support.microsoft.com/en-in/help/909264/naming-conventions-in-active-directory-for-computers-domains-sites-and

As a best practice for security and manageability, we recommend:

  • Create a dedicated OU for vSAN file service.
  • Create a basic domain user.
  • Mark the OU managed by this domain user.

Note: in the case of a nested OU, "/" can be used as the separator.

array of string
preferredADServers
Optional

Preferred AD servers which are used to do username/password validation.

IP or FQDN is required for each AD server. For now, only IP format is supported.
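
A pre-submission check for this structure, as an added example that is not part of the original reference or VMware's code: it applies the constraints stated above (domain form, dedicated OU, IP-only preferred servers) and masks the password before the payload is logged. The function names `check_ad_config` and `redact`, the sample values, and the rule that a nested OU path has no empty components are assumptions.

```python
import ipaddress
import re

# Field names come from the JSON example on this page; everything else is illustrative.
_DOMAIN_RE = re.compile(
    r"^(?=.{1,253}$)(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63}$"
)

def check_ad_config(cfg):
    """Return a list of findings for an ActiveVsanDirectoryServerConfig dict."""
    findings = []
    # The domain name should be of the form 'example.com'.
    if not _DOMAIN_RE.match(cfg.get("activeDirectoryDomainName", "")):
        findings.append("activeDirectoryDomainName: expected form 'example.com'")
    # A dedicated, pre-created OU is recommended over the default Computers OU.
    ou = cfg.get("organizationalUnit", "").strip()
    if not ou:
        findings.append("organizationalUnit: unset, default Computers OU would be used")
    elif ou.strip("/").lower() == "computers":
        findings.append("organizationalUnit: default Computers OU should not be used")
    elif any(not part.strip() for part in ou.split("/")):
        # Assumption: "/" separates nested OU components, none of which is empty.
        findings.append("organizationalUnit: empty component in nested OU path")
    # Only IP format is supported for preferred AD servers for now.
    for server in cfg.get("preferredADServers", []):
        try:
            ipaddress.ip_address(server)
        except ValueError:
            findings.append(f"preferredADServers: {server!r} is not an IP address")
    return findings

def redact(cfg):
    """Return a copy that is safe to log: the password value is masked."""
    return {k: ("***" if k == "password" else v) for k, v in cfg.items()}

# Constructed sample payload; account name, OU and addresses are made up.
SAMPLE = {
    "activeDirectoryDomainName": "example.com",
    "username": "svc-vsanfs",
    "password": "constructed-secret",
    "organizationalUnit": "FileServices/vSAN",
    "preferredADServers": ["192.0.2.10", "dc1.example.com"],
}

if __name__ == "__main__":
    print(redact(SAMPLE))
    for finding in check_ad_config(SAMPLE):
        print("finding:", finding)
```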