Resource Definition to Configure LDAP on iOS Devices

A sample resource definition, together with details on the information that is added in the JSON are as follows:

Sample definition JSON to configure LDAP

The following are sample configurations that can be used in a JSON to configure LDAP on iOS devices:

{
  "operation": {
    "accountDescription": "This is an LDAP account.",
    "accountHostName": "192.202.185.90",
    "accountUseSSL": true,
    "accountUsername": "LDAPUser",
    "accountPassword": "$ldapuser1234",
    "ldapSearchSettings": [
      {
        "searchSettingDescription": "Search setting description1.",
        "searchSettingSearchBase": "ou=people1,o=example1",
        "searchSettingScope": "LDAPSearchSettingScopeBase"
      },
      {
        "searchSettingDescription": "Search setting description2.",
        "searchSettingSearchBase": "ou=people2,o=example2",
        "searchSettingScope": "LDAPSearchSettingScopeSubtree"
      }
    ]
  },
  "deviceIDs": [
    "2be702beaaf4ad34fc9e7f8da2b6b808c453fa72b", 
    "2ec33430ad456713c633de75b2219376bac45de56"
  ]
}

Property definitions

All the properties that correspond to configuring LDAP are explained as follows:

operations
deviceIDs

Property	Description			Data Type	Example
operation	The attributes required to carry out the operation of configuring LDAP are defined here.	Yes	N/A	operation	-
`deviceIDs`	The Device ID. This field is not case sensitive.	Yes	N/A	String	2be702beaaf4ad34fc9e7f8da2b6b808c453fa72b

Operation

Property	Description			Data Type	Example
`accountDescription`	Description of the account.	No	N/A	String	This is an LDAP account.
`accountHostName`	The host.	Yes	N/A	String	ldap.netscape.com or 192.202.185.90
`accountUseSSL`	Indicates wether or not to use SSL.	Yes	True	Boolean	False
`accountUsername`	The username.	No	N/A	String	LDAPUser
`accountPassword`	Use only with encrypted profiles.	No	N/A	String	$ldapuser1234
`ldapSearchSettings`	Top level container object. Each LDAPSearchSettings object represents a node in the LDAP tree to start searching from, and tells what scope to search in (the node, the node plus one level of children, or the node plus all levels of children)	Yes	N/A	ldapSearchSettings	-

ldapSearchSettings

Property	Description			Data Type	Example
`searchSettingDescription`	Description of this search setting.	No	N/A	String	Search setting description.
`searchSettingSearchBase`	Conceptually, the path to the node where a search should start.	Yes	N/A	String	ou=people1,o=example1
`searchSettingScope`	Defines what recursion to use in the search. The values can be one of the following: LDAPSearchSettingScopeBase: Just the immediate node pointed to by SearchBase LDAPSearchSettingScopeOneLevel: The node plus its immediate children. LDAPSearchSettingScopeSubtree: The node plus all children, regardless of depth.	Yes	N/A	String	LDAPSearchSettingScopeSubtree