Federation Provider parameters

Table 1. General parameters

Parameter: Name
Description: This parameter specifies the name of the Federation Provider instance. This value cannot be edited after the instance has been created.
Values: String

Parameter: Enabled
Description: This parameter indicates whether the Federation Provider is supported.
Values: Default: enabled

Parameter: Import Users
Description: This parameter indicates whether the users should be synchronized from the LDAP server.
Values: Default: enabled

Parameter: Vendor
Description: The parameter specifies the LDAP vendor type.
Values:
  • Active Directory: for Active Directory LDAP servers
  • Other: for other LDAP servers, such as OpenLDAP

Table 2. LDAP server settings

Parameter: Connection URL
Description: This parameter specifies the IP address of the LDAP server and the port on which it is running.

Parameter: Use TLS
Description: This parameter enables the use of StartTLS when using regular LDAP (not LDAPS). This flag can only be enabled for the regular LDAP protocol, as it only applies in that case. If this parameter is enabled with LDAPS, the connection to the LDAPS server fails.
Values: Default: disabled

Parameter: Bind Type
Description: This parameter specifies how a user authenticates.
Values:
  • simple: a user authenticates with the values for Bind DN and Bind Credential
  • none: use anonymous connections to LDAP

Parameter: Bind DN
Description: This parameter specifies the distinguished name (DN) of an LDAP admin user to connect to LDAP.
Values: String

Parameter: Bind Credential
Description: This parameter specifies the admin password. If the Bind Type parameter is set to simple, this password is used to authenticate.

Parameter: User DN
Description: This parameter is the full DN of the LDAP tree where the users can be found in the LDAP server.
Values: Fully qualified domain name

Parameter: Username LDAP attribute
Description: The name of the attribute that must be used as the username within the Fabric Services System.
Values: Dynamically filled based on the value of the Vendor parameter, but is editable:
  • Active Directory: cn
  • Other: uid
Usually the user ID, uid

Parameter: RDN LDAP Attribute
Description: The name of the LDAP attribute used for the relative distinguished name of a typical user DN.
Values: Dynamically filled based on the value of the Vendor parameter, but is editable:
  • Active Directory: cn
  • Other: uid
Usually the user ID, uid

Parameter: UUID LDAP Attribute
Description: The parameter shows the name of the LDAP attribute that is used as a unique identifier for objects in LDAP.
Values: Dynamically filled based on the value of the Vendor parameter, but is editable:
  • Active Directory: objectGUID
  • Other: entryUUID
Usually the user ID, uid

Parameter: User Object Classes
Description: Specify a comma-separated list of user object classes used by LDAP to identify a user. Users can only be found if they have these Object Classes.
Values: Dynamically filled based on the value of the Vendor parameter, but is editable:
  • Active Directory: person, organizationalPerson, user
  • Other: inetOrgPerson, organizationalPerson

Parameter: Custom User LDAP Filter
Description: You can specify a filter to select the users that should be synchronized.
Values: Filter string, enclosed in parentheses ()

Parameter: Search Scope
Description: This parameter specifies the type of search.
Values: One Level or Subtree
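
The following pre-deployment check is an added example, not part of the product or its documentation. It reviews one set of LDAP server settings for the conflicts Table 2 describes, plus the cleartext exposure of a simple bind over plain LDAP. The dictionary keys, severity labels and sample values are assumptions made for this example, as is the ldap:// or ldaps:// prefix on the Connection URL.

```python
from urllib.parse import urlparse

# Vendor-dependent defaults from Table 2. Dict keys are hypothetical names.
VENDOR_DEFAULTS = {
    "Active Directory": {"username_attr": "cn", "rdn_attr": "cn", "uuid_attr": "objectGUID"},
    "Other": {"username_attr": "uid", "rdn_attr": "uid", "uuid_attr": "entryUUID"},
}

def filter_is_enclosed(flt):
    """True if flt is one filter wrapped in a single outer pair of parentheses."""
    depth = 0
    for i, ch in enumerate(flt):
        depth += (ch == "(") - (ch == ")")
        if depth <= 0 and i < len(flt) - 1:
            return False  # closed early, or text outside the outer pair
    return depth == 0 and flt.startswith("(")

def review_ldap_settings(cfg):
    """Return (severity, message) findings. Assumes an ldap:// or ldaps:// URL."""
    findings = []
    scheme = urlparse(cfg.get("connection_url", "")).scheme.lower()
    use_tls = cfg.get("use_tls", False)  # page default: disabled
    bind_type = cfg.get("bind_type", "simple")
    if scheme not in ("ldap", "ldaps"):
        findings.append(("error", "Connection URL scheme is not ldap or ldaps"))
    if scheme == "ldaps" and use_tls:
        findings.append(("error", "Use TLS enabled with LDAPS: connection fails"))
    if scheme == "ldap" and not use_tls and bind_type == "simple":
        findings.append(("high", "Bind Credential sent in cleartext (no StartTLS)"))
    if bind_type == "none":
        findings.append(("medium", "anonymous connection to LDAP"))
    elif not (cfg.get("bind_dn") and cfg.get("bind_credential")):
        findings.append(("error", "simple bind needs Bind DN and Bind Credential"))
    flt = cfg.get("custom_filter", "")
    if flt and not filter_is_enclosed(flt):
        findings.append(("error", "Custom User LDAP Filter not enclosed in ()"))
    for key, default in VENDOR_DEFAULTS.get(cfg.get("vendor"), {}).items():
        if cfg.get(key, default) != default:
            findings.append(("info", f"{key} overrides vendor default {default}"))
    return findings

# Constructed sample settings, not taken from a real deployment.
SAMPLE = {"vendor": "Active Directory", "connection_url": "ldaps://192.0.2.10:636",
          "use_tls": True, "bind_type": "simple", "bind_dn": "cn=svc,dc=example,dc=com",
          "bind_credential": "example-only", "custom_filter": "memberOf=cn=fss",
          "username_attr": "sAMAccountName"}

if __name__ == "__main__":
    print(*review_ldap_settings(SAMPLE), sep="\n")
```
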

Table 3. Advanced settings

Parameter: Connection Timeout
Description: This parameter specifies the LDAP server connection timeout, in milliseconds.
Values: Default: 0

Parameter: Read Timeout
Description: This parameter specifies the LDAP read timeout, in milliseconds.
Values: Default: 0

Parameter: Pagination
Description: This parameter indicates whether the Federation Provider supports pagination when fetching users.
Values: Default: enabled

Parameter: Sync Batch Size
Description: This parameter specifies the number of users to synchronize from the LDAP server in a single transaction.
Values: Default: 1000