AllocAccount makes an empty one in memory.

AllocAccountAttributeMap makes an empty one in memory.

AllocAuthMethod makes an empty one in memory.

AllocManagedGroup makes an empty one in memory.

Authenticate is an ldap domain service function for handling an LDAP authentication flow.

ConvertToAccountToAttribute will convert a string to an AccountToAttribute.

EncodeCertificates will encode a number of x509 certificates to PEMs.

ListAccounts lists up to page size ldap accounts, filtering out entries that do not pass the filter item function.

ListAccountsPage lists up to page size ldap accounts, filtering out entries that do not pass the filter item function.

ListAccountsRefresh lists ldap accounts according to the page size and list token, filtering out entries that do not pass the filter item fn.

ListAccountsRefreshPage lists up to page size accounts, filtering out entries that do not pass the filter item function.

ListManagedGroups lists up to page size ldap managed groups, filtering out entries that do not pass the filter item function.

ListManagedGroupsPage lists up to page size ldap managed groups, filtering out entries that do not pass the filter item function.

ListManagedGroupsRefresh lists ldap managed groups according to the page size and list token, filtering out entries that do not pass the filter item fn.

ListManagedGroupsRefreshPage lists up to page size managed groups, filtering out entries that do not pass the filter item function.

NewAccount creates a new in memory Account assigned to ldap AuthMethod.

NewAccountAttributeMap creates a new one in memory.

NewAuthMethod creates a new in memory AuthMethod assigned to a scopeId.

NewBindCredential creates a new in memory BindCredential.

NewCertificate creates a new in memory certificate assigned to and LDAP auth method.

NewClientCertificate creates a new in memory ClientCertificate.

NewDerefAliases creates a new in memory NewDerefAliases.

NewGroupEntrySearchConf creates a new in memory NewGroupEntrySearchConf.

NewManagedGroup creates a new in memory ManagedGroup assigned to LDAP AuthMethod.

NewRepository creates a new ldap Repository.

NewUrl creates a new in memory Url.

NewUserEntrySearchConf creates a new in memory NewUserEntrySearchConf.

ParseAccountAttributeMaps will parse the inbound attribute maps.

ParseCertificates will parse a number of certificates PEMs to x509s.

TestAccount creates a test ldap auth account.

TestAuthMethod creates a new auth method and it's persisted in the database.

TestConvertToUrls will convert URL string representations to a slice of *url.URL.

TestEncodeGrpNames will json marshal group names.

TestGenerateCA will generate a test x509 CA cert, along with it encoded in a PEM format.

TestGetAcctManagedGroups will retrieve the managed groups associated with an account.

TestManagedGroup creates a test ldap managed group.

TestSortAuthMethods will sort the provided auth methods by public id and it will sort each auth method's embedded value objects.

WithAccountAttributeMap provides an option for specifying an Account Attribute map.

WithAnonGroupSearch optionally specifies to use anon bind when performing LDAP group searches.

WithBindCredential optionally specifies a set of optional configuration parameters which allow Boundary to bind (aka authenticate) using the credentials provided when searching for the user entry used to authenticate the end user.

WithCertificates provides optional certificates.

WithClientCertificate provides optional configuration fields used for specifying a mTLS client cert for LDAP connections.

WithDerefAliases provides an option for passing in how dereferencing aliases should be handled.

WithDescription provides an optional description.

WithDiscoverDn optionally specifies to use anon bind to discover the bind DN of a user.

WithDn provides an optional distinguished name.

WithEmail provides an optional email address for the account.

WithEnableGroups optionally enables an authenticated user's groups will be found during authentication.

WithFullName provides an optional full name for the account.

WithGroupAttr optionally specifies a group attr used to search for group entries.

WithGroupDn optionally specifies a group dn used to search for group entries.

WithGroupFilter optionally specifies a group filter used to search for group entries.

WithInsecureTLS optional specifies to skip LDAP server SSL certificate validation - insecure and use with caution.

WithLimit provides an option to provide a limit.

WithMaximumPageSize provides an option for passing a max page size for group searching to the operation.

WithMemberOfGroups provides an option for specifying a list of group names.

WithName provides an optional name.

WithOperationalState provides an option for specifying the auth method's operational state.

WithOrderByCreateTime provides an option to specify ordering by the CreateTime field.

WithPublicId provides an option for passing a public id to the operation.

WithStartPageAfterItem is used to paginate over the results.

WithStartTLS optionally enables a StartTLS command after establishing an unencrypted connection.

WithUnauthenticatedUser provides an option for filtering results for an unauthenticated users.

WithUpnDomain optionally specifies the userPrincipalDomain used to construct the UPN string for the authenticating user.

WithUrls provides optional urls for the auth method.

WithUserAttr optionally specifies a user attr used to search for user entries.

WithUserDn optionally specifies a user dn used to search for user entries.

WithUserFilter optionally specifies a user filter used to search for user entries.

WithUseTokenGroups optionally enables the use the Active Directory tokenGroups constructed attribute of the user to find the group memberships.

seconds.

ToEmailAttribute defines the valid email attribute name.

ToFullNameAttribute defines the valid full name attribute name.

Account contains an ldap auth account.

AccountAttributeMap defines optional from/to account attribute maps.

AttributeMap defines the To and From of an ldap attribute map.

AuthMethod contains an LDAP auth method configuration.

BindCredential represent optional parameters which allow Boundary to bind (aka authenticate) using the credentials provided when searching for the user entry used to authenticate the end user.

Certificate defines a certificate to use as part of a trust root when connecting to an auth method's LDAP server.

ClientCertificate represents a set of optional configuration fields used for specifying a mTLS client cert for LDAP connections.

DerefAliases represent optional config parameters which allow Boundary to properly dereference aliases when ldap searching.

GroupEntrySearchConf represent a set of optional configuration fields used to search for group entries.

ManagedGroup contains an LDAP managed group.

ManagedGroupMemberAccount contains a mapping between a managed group and a member account.

Repository is the ldap repository.

Url represents a required one to many auth method urls.

UserEntrySearchConf represent a set of optional configuration fields used to search for user entries.

AccountToAttribute defines a type for: to account attributes.

AuthMethodState defines the possible states for an ldap auth method.

Option - how options are passed as args.

RepoFactory is a factory function that returns a repository and any error.