If an organization defines an LDAP service to use, an organization or system administrator can import groups from that service.
Importing a group from LDAP imports all the users in the group. You can also import users individually. See Import a User from an LDAP Service.
■
|
This operation requires the rights included in the predefined Organization Administrator role or an equivalent set of rights. |
■
|
Verify that your organization has defined an LDAP service to use. |
The server matches the value of the name attribute in the request body with the value of the LDAP attribute that the organization specified in the value of the GroupName element in the GroupAttributes of its OrgLdapSettings. The LDAP cn attribute is a common choice here. The server imports that group and all of its users from organization's LDAP service, and returns an updated Group element to the client.
This example imports a group to the organization created in Example: Create an Organization. The response is a Group element, most of which does not appear in the example. The response includes a link that an administrator can use to edit group metadata such as name and description, and a UsersList element that includes a UserReference element for each user in the group. The response also includes a NameInSource element, which contains the group's name as stored by the LDAP service, using its native encoding.
POST https://vcloud.example.com/api/admin/org/26/groups Content-Type: application/vnd.vmware.admin.group+xml ... <?xml version="1.0" encoding="UTF-8"?> <Group name="Engineering" xmlns="http://www.vmware.com/vcloud/v1.5"> <Role href="https://vcloud.example.com/api/admin/role/1bf4457f-a253-3cf1-b163-f319f1a31802"/> </Group>
201 Created Content-Type: application/vnd.vmware.admin.group+xml ... <Group xmlns="http://www.vmware.com/vcloud/v1.5" name="Engineering" id="urn:vcloud:group:44" type="application/vnd.vmware.admin.group+xml" href="https://vcloud.example.com/api/admin/group/44" ...> <Role type="application/vnd.vmware.admin.role+xml" name="vApp Author" href="https://vcloud.example.com/api/admin/role/1bf4457f-a253-3cf1-b163-f319f1a31802" /> </Group>
Until the import is complete, the Group element contains only partial information. After the import is complete, the element includes a list of users and other information.
<Group xmlns="http://www.vmware.com/vcloud/v1.5" name="Engineering" id="urn:vcloud:group:44" type="application/vnd.vmware.admin.group+xml" href="https://vcloud.example.com/api/admin/group/44" ...> <Link rel="edit" type="application/vnd.vmware.admin.group+xml" href="https://vcloud.example.com/api/admin/group/44" /> <Link rel="remove" href="https://vcloud.example.com/api/admin/group/44" /> <Description>Research and development</Description> <NameInSource>\C5\AF\B9\D4\9E\B5\32\40\AD\C5\E3\8E\17\4C\0D\28</NameInSource> <UsersList> <UserReference type="application/vnd.vmware.admin.user+xml" name="User-1" href="https://vcloud.example.com/api/admin/user/18" /> <UserReference type="application/vnd.vmware.admin.user+xml" name="User-3" href="https://vcloud.example.com/api/admin/user/19" /> </UsersList> <Role type="application/vnd.vmware.admin.role+xml" name="vApp Wrangler" href="https://vcloud.example.com/api/admin/role/102" /> </Group>