Security for AD Configuration
AD General Setting
| Field | Type | Read only | Description |
|---|---|---|---|
Status | String | False | Indicator of whether the AD service is enabled |
RacUserName | String | False | User name of an administrator of the AD server |
RacUserPassword | String | False | Password of the administrator |
RacDomain | String | False | Domain for the user |
DCserver1 | String | False | IP address of the AD server 1 |
DCserver2 | String | False | IP address of the AD server 2 |
DCserver3 | String | False | IP address of the AD server 3 |
Request
Get AD General Setting
GET https://{{ip}}/redfish/v1/AccountService/Oem/Lenovo/AD/GeneralSetting
Content-Type: application/json
Response
{
"@odata.context":
"/redfish/v1/$metadata#AccountService.AccountService
(DCServer3,@odata.id,Status,DCServer1,Name,RacUserName,DCServer2,Id,RacDomain)",
"@odata.etag": "\"1583375634\"",
"@odata.id": "/redfish/v1/AccountService/Oem/Lenovo/AD/GeneralSetting",
"@odata.type": "#AccountService.v1_5_0.AccountService",
"DCServer1": "192.168.101.253",
"DCServer2": "192.168.101.254",
"DCServer3": "192.168.101.255",
"Id": "AD Config",
"Name": "AccountService AD Config",
"RacDomain": "lenovo.com",
"RacUserName": "LNV023",
"Status": "enable"
}
Request
PATCH AD General Setting
PATCH https://{{ip}}/redfish/v1/AccountService/Oem/Lenovo/AD/GeneralSetting
Content-Type: application/json
Request body
The properties of this URL should be patched in a group. See the following example patch body:
{
"Status" : "enable",
"RacUserName" : "LNV024",
"RacUserPassword" : "pw2324",
"RacDomain" : "lenovo.com",
"DCServer1" : "192.168.101.253",
"DCServer2" : "192.168.101.254",
"DCServer3" : "192.168.101.255"
}
Response
The response content is 204 with no body.
AD Role Group Setting
| Field | Type | Read only | Description |
|---|---|---|---|
RoleGroupName | String | False | Role group name. |
RoleGroupDomain | String | False | Role group domain. |
RoleGroupPrivilege | Number | False | Privilege can be none, User, Operator, Administrator, or Oem. |
RoleGroupExtendPrivilege | String | False | Extended privilege, which can be configured as none, KVM enable, Vmedia enable, or both KVM and Vmedia enable. |
Request
Get AD Role Group Setting
GET https://{{ip}}/redfish/v1/AccountService/Oem/Lenovo/AD/RoleGroup/{id}
Content-Type: application/json
Response example
{
"@odata.context": "/redfish/v1/$metadata#AccountService.AccountService",
"@odata.etag": "\"1583378837\"",
"@odata.id": "/redfish/v1/AccountService/Oem/Lenovo/AD/RoleGroup/5",
"@odata.type": "#AccountService.v1_5_0.AccountService",
"Id": "AD USER",
"Name": "AccountService AD User",
"RoleGroupDomain": "lenovo.com",
"RoleGroupExtendPrivilege": "Vmedia enable",
"RoleGroupName": "LNV023",
"RoleGroupPrivilege": "Operator"
}
Request
PATCH AD Role Group Setting
PATCH https://{{ip}}/redfish/v1/AccountService/Oem/Lenovo/AD/RoleGroup/{id}
Content-Type: application/json
Request body
The properties of this URL should be patched in a group. See the following example patch body:
{
"RoleGroupName": "LNVGP1",
"RoleGroupDomain": "lenovo.com",
"RoleGroupPrivilege": "Administrator",
"RoleGroupExtendPrivilege": "KVM enable"
}
Response
The response content is 204 with no body.