Test the connection settings for an LDAP configuration.
This tests that the connection is possible given a connection_host and connection_port.
connection_host and connection_port are required. connection_tls is optional.
No authentication to the LDAP server is attempted.
The active LDAP settings are not modified.
Calls to this endpoint may be denied by Looker (Google Cloud core).
Expand HTTP Body definition...
Expand LDAPConfig definition...
Operations the current user is able to perform on this object
Allow alternate email-based login via '/login/email' for admins and for specified users with the 'login_special_email' permission. This option is useful as a fallback during ldap setup, if ldap config problems occur later, or if you need to support some users who are not in your ldap directory. Looker email/password logins are always disabled for regular users when ldap is enabled.
(Write-Only) Password for the LDAP account used to access the LDAP server
Users will not be allowed to login at all unless a role for them is found in LDAP if set to true
Distinguished name of LDAP account used to access the LDAP server
LDAP server hostname
LDAP host port
Use Transport Layer Security
Do not verify peer when using TLS
Enable/Disable LDAP authentication for the server
Don't attempt to do LDAP search result paging (RFC 2696) even if the LDAP server claims to support it.
Base dn for finding groups in LDAP searches
Identifier for a strategy for how Looker will search for groups in the LDAP server
LDAP Group attribute that signifies the members of the groups. Most commonly 'member'
Optional comma-separated list of supported LDAP objectclass for groups when doing groups searches
LDAP Group attribute that signifies the user in a group. Most commonly 'dn'
(Read-only) Has the password been set for the LDAP account used to access the LDAP server
Merge first-time ldap login to existing user account by email addresses. When a user logs in for the first time via ldap this option will connect this user into their existing account by finding the account with a matching email address. Otherwise a new user account will be created for the user.
When this config was last modified
User id of user who last modified this config
Set user roles in Looker based on groups from LDAP
(Write-Only) Test LDAP user password. For ldap tests only.
(Write-Only) Test LDAP user login id. For ldap tests only.
Name of user record attributes used to indicate email address field
Name of user record attributes used to indicate first name
Name of user record attributes used to indicate last name
Name of user record attributes used to indicate unique record id
Distinguished name of LDAP node used as the base for user searches
(Optional) Custom RFC-2254 filter clause for use in finding user during login. Combined via 'and' with the other generated filter clauses.
Name(s) of user record attributes used for matching user login id (comma separated list)
(Optional) Name of user record objectclass used for finding user during login id
Allow LDAP auth'd users to be members of non-reflected Looker groups. If 'false', user will be removed from non-reflected groups on login.
LDAP auth'd users will be able to inherit roles from non-reflected Looker groups.
Allows roles to be directly assigned to LDAP auth'd users.
Link to get this item
200: Result info.
Additional details for error cases
Expand LDAPConfigTestIssue definition...
Severity of the issue. Error or Warning
Message describing the issue
Short human readable test about the result
Test status code: always 'success' or 'error'
A more detailed trace of incremental results during auth tests
User details from LDAP server for auth tests
Expand LDAPUser definition...
Dictionary of user's attributes (name/value)
Primary email address
LDAP's distinguished name for the user record
LDAP's Unique ID for the user
400: Bad Request
403: Permission Denied
404: Not Found
422: Validation Error
Expand ValidationErrorDetail definition...
Error info message