Update-AD-Settings Command

Use the Crypto CLI update-AD-settings command to update your AD settings.

Syntax

cryptocli update-ad-settings [options]

Option

Description

-h or --help

 Displays usage text.

-a or --ad-setting-id string

 The Active Directory setting ID or name. Strings must be enclosed in double quotes.

-n or --netbios-name string

 The Active Directory NetBIOS name. Strings must be enclosed in double quotes.

-r or --revision int

 The Active Directory setting current revision.

-j, --servers-json-file string

The Active Directory Domain Controller List JSON File. This is an array of JSON objects, each object representing a Domain Controller. Strings must be enclosed in double quotes.

The following keys are supported:

  • server_url - the (mandatory) full url of the Domain Controller

  • cacert (optional) - the path to the CA Certificate to verify with

  • user_base_dn (optional) - the user base DN

  • group_base_dn (optional) - the group base DN

  • timeout (optional) - the connection timeout in seconds. The default is 5 seconds.

  • tls (optional) - whether to enable StartTLS or not. The default is false.

Example: 

[
     {
           "server_url": "ldaps://dc1.mycompany.eng.com",
           "cacert": "/root/cacert.pem",
           "user_base_dn": "DC=mycompany,DC=eng,DC=com",
           "group_base_dn": "DC=mycompany,DC=eng,DC=com",
            "timeout": 10,
            "tls": false,
     }
]

-s, --service-account string

 The Active Directory service account user name. Strings must be enclosed in double quotes.

-p, --service-password string

 The Active Directory service account user password. Strings must be enclosed in double quotes.

-u, --uid-attribute string

The Active Directory UID Attribute. Strings must be enclosed in double quotes.

-t, --type string

 The domain type.