This unauthenticated command helps setup the authentication mechanism for your Ops Manager with LDAP.
Usage:
om [OPTIONS] configure-ldap-authentication [configure-ldap-authentication-OPTIONS]
This unauthenticated command helps setup the authentication mechanism for your
Ops Manager with LDAP.
Application Options:
--ca-cert= OpsManager CA certificate path or
value [$OM_CA_CERT]
-c, --client-id= Client ID for the Ops Manager VM
(not required for unauthenticated
commands) [$OM_CLIENT_ID]
-s, --client-secret= Client Secret for the Ops Manager VM
(not required for unauthenticated
commands) [$OM_CLIENT_SECRET]
-o, --connect-timeout= timeout in seconds to make TCP
connections (default: 10)
[$OM_CONNECT_TIMEOUT]
-d, --decryption-passphrase= Passphrase to decrypt the
installation if the Ops Manager VM
has been rebooted (optional for most
commands) [$OM_DECRYPTION_PASSPHRASE]
-e, --env= env file with login credentials
-p, --password= admin password for the Ops Manager
VM (not required for unauthenticated
commands) [$OM_PASSWORD]
-r, --request-timeout= timeout in seconds for HTTP requests
to Ops Manager (default: 1800)
[$OM_REQUEST_TIMEOUT]
-k, --skip-ssl-validation skip ssl certificate validation
during http requests
[$OM_SKIP_SSL_VALIDATION]
-t, --target= location of the Ops Manager VM
[$OM_TARGET]
--trace prints HTTP requests and response
payloads [$OM_TRACE]
-u, --username= admin username for the Ops Manager
VM (not required for unauthenticated
commands) [$OM_USERNAME]
--vars-env= load vars from environment variables
by specifying a prefix (e.g.: 'MY'
to load MY_var=value) [$OM_VARS_ENV]
-v, --version prints the om release version
Help Options:
-h, --help Show this help message
[configure-ldap-authentication command options]
-d, --decryption-passphrase= passphrase used to encrypt the
installation
--http-proxy-url= proxy for outbound HTTP network
traffic
--https-proxy-url= proxy for outbound HTTPS network
traffic
--no-proxy= comma-separated list of hosts that
do not go through the proxy
--email-attribute= name of the LDAP attribute that
contains the users email address
--group-search-base= start point for a user group
membership search, and sequential
nested searches
--group-search-filter= search filter to find the groups to
which a user belongs, e.g.
'member={0}'
--ldap-password= password for ldap-username DN
--ldap-rbac-admin-group-name= the name of LDAP group whose members
should be considered admins of
OpsManager
--ldap-referrals= configure the UAA LDAP referral
behavior
--ldap-username= DN for the LDAP credentials used to
search the directory
--ldap-max-search-depth= The LDAP group search depth. Allowed
values are between 1 and 10. The
default value is 1, which will turn
off the nested group search.
--server-ssl-cert= the server certificate when using
ldaps://
--server-url= URL to the ldap server, must start
with ldap:// or ldaps://
--user-search-base= a base at which the search starts,
e.g. 'ou=users,dc=mycompany,dc=com'
--user-search-filter= search filter used for the query.
Takes one parameter, user ID defined
as {0}. e.g. 'cn={0}'
--skip-create-bosh-admin-client by default, this command creates a
UAA client on the Bosh Director,
whose credentials can be passed to
the BOSH CLI to execute BOSH
commands. This flag skips that.
--precreated-client-secret= create a UAA client on the Ops
Manager vm. The client_secret will
be the value provided to this option
config file interpolation:
-c, --config= path to yml file for configuration
(keys must match the following
command line flags)
--vars-env= load variables from environment
variables matching the provided
prefix (e.g.: 'MY' to load
MY_var=value) [$OM_VARS_ENV]
-l, --vars-file= load variables from a YAML file
-v, --var= load variable from the command line.
Format: VAR=VAL