GET – Account management properties
Use the GET method to retrieve properties in AccountService resource for Redfish service.
Request URL
GET https://<BMC_IPADDR>/redfish/v1/AccountService
Request body
None
Response body
| Field | Type | Description | |||
|---|---|---|---|---|---|
AccountLockoutThreshold | Number | The number of failed login attempts before a user account is locked for a specified duration. The value should be between 0 and 10. | |||
AccountLockoutDuration | Number | The time in seconds an account is locked after the account lockout threshold is met. If the value is 0, the property will show null, otherwise it is 60~172800 | |||
AccountLockoutCounterResetEnabled | Boolean | The value indicates whether the threshold counter will be reset before account is locked for a specified duration. | |||
AccountLockoutCounterResetAfter | Number | This property is hidden if AccountLockoutDuration is null, otherwise it shows identically to AccountLockoutDuration does. | |||
Id | String | “AccountService”. | |||
Name | String | “AccountService”. | |||
MaxPasswordLength | Number | The maximum password length that the implementation will allow a password to be set to. The value is 255 and cannot be modified. | |||
MinPasswordLength | Number | The minimum password length that the implementation will allow a password to be set to. By default, this value is 10. | |||
Accounts | Object | This property shall contain the link to a collection of type ManagerAccount. | |||
Roles | Object | This property shall contain the link to a collection of type Role. | |||
ServiceEnabled | Boolean | The value of this property shall be a boolean indicating whether this service is enabled. The value is “True” and cannot modified. | |||
Description | String | This resource is used to represent a management account service for a Redfish implementation. | |||
LocalAccountAuth | String | This property shall govern how the service uses the Accounts collection within this AccountService as part of authentication. Details about each of the modes are found in the description of the enum values. | |||
LocalAccountAuth@Redfish.AllowableValues | Array | Items: string Item count: 4 The annotation is hidden on Flex platforms. | |||
LDAP | Object | The first LDAP external account provider this AccountService supports. | |||
Authentication | Object | This property contains the authentication information for the external account provider. | |||
AuthenticationType | String | This property contains the type of authentication used to connect to the external account provider. | |||
Username | String | This property contains the username of authentication used to connect to the external account provider. | |||
Password | String | This property contains the password of authentication used to connect to the external account provider. | |||
Certificates | Link | The value of this property is a URI reference to a collection of certificates. | |||
LDAPService | Object | This property contains additional mapping information needed to parse a generic LDAP service. | |||
SearchSettings | Object | This property contains the settings needed to search an external LDAP service. | |||
BaseDistinguishedNames | String | The base distinguished names to use when searching the LDAP service. | |||
GroupNameAttribute | String | The attribute name that contains the name of the Group on the group LDAP entry. | |||
GroupsAttribute | String | The attribute name that contains the Groups for a user on the user LDAP entry. | |||
UsernameAttribute | String | The attribute name that contains the Username on the user LDAP entry. | |||
PasswordSet | Boolean | This property shall be true when a non-empty value was provided to the Password property, otherwise it shall be false. | |||
ServiceAddresses | String | This property contains the addresses of the user account providers this resource references. The format of this field depends on the Type. | |||
RemoteRoleMapping | Array | This property shall contain a collection of the mapping rules to convert the external account providers account information to the local Redfish Role. | |||
RemoteRoleMapping[N] | Object | Expand | |||
LocalRole | String | The value of this property shall contain the value of the RoleId property within a Role resource on this Redfish service in which to map the remote user or group. | |||
RemoteGroup | String | The value of this property shall contain the name of the remote group (or in the case of a Redfish Service, remote role) that will be mapped to the local role referenced by this entity. | |||
ServiceAddresses | String | LDAP server address, array type | |||
ServiceEnabled | Boolean | LDAP enablement | |||
Status code
| HTTP Status Code | Error Message ID |
|---|---|
| 500 | InternalError |
Example
The following example JSON response is returned:
{
"MaxPasswordLength": 255,
"ServiceEnabled": true,
"AccountLockoutCounterResetAfter": 3600,
"Roles": {
"@odata.id": "/redfish/v1/AccountService/Roles"
},
"LocalAccountAuth": "Enabled",
"Accounts": {
"@odata.id": "/redfish/v1/AccountService/Accounts"
},
"Description": "This resource is used to represent a management account service for a Redfish implementation.",
"LocalAccountAuth@Redfish.AllowableValues": [
"Enabled",
"Disabled",
"LocalFirst",
"Fallback"
],
"AccountLockoutThreshold": 5,
"LDAP": {
"PasswordSet": false,
"Authentication": {
"Username": "",
"AuthenticationType": "UsernameAndPassword",
"Password": null
},
"Certificates": {
"@odata.id": "/redfish/v1/AccountService/LDAP/Certificates"
},
"ServiceEnabled": true,
"LDAPService": {
"SearchSettings": {
"BaseDistinguishedNames": [
""
],
"GroupNameAttribute": "memberOf",
"GroupsAttribute": "",
"UsernameAttribute": "sAMAccountName"
}
},
"RemoteRoleMapping": [
{
"RemoteGroup": null,
"LocalRole": null
},
{
"RemoteGroup": null,
"LocalRole": null
},
…,
{
"RemoteGroup": null,
"LocalRole": null
}
],
"ServiceAddresses": [
"0.0.0.0:389",
":389",
":389",
":389"
]
},
"@odata.context": "/redfish/v1/$metadata#AccountService.AccountService",
"@odata.type": "#AccountService.v1_10_0.AccountService",
"@odata.id": "/redfish/v1/AccountService",
"@odata.etag": "\"121794cb0497d2ff68de4b\"",
"MinPasswordLength": 10,
"Name": "AccountService",
"AccountLockoutCounterResetEnabled": true,
"AccountLockoutDuration": 3600,
"Id": "AccountService",
"Oem": {
…
}
}
}
Give documentation feedback