This can also now be handled within the JumpCloud Admin Portal interface. See Manage Password and Security Settings.
LDAP API Attributes
Attributes are available for the JumpCloud V2 API /ldapservers/{id} endpoint. The values for each attribute are disable and remove:
- userLockoutAction - This attribute controls the action taken when a user is locked out due to repeated failed login attempts. If set to remove, when a lockout occurs, the user is removed from the LDAP server and no longer exists in the LDAP service. If set to disable, when a lockout occurs, they remain in LDAP but can’t authenticate against the LDAP service.
- userPasswordExpirationAction - This attribute controls the action taken when a user’s JumpCloud account password expires. If set to remove, the user is removed from the LDAP server and no longer exists in the LDAP service when their account password expires. If set to disable, they remain in LDAP but can’t authenticate against the LDAP service when their password expires. To see a list of LDAP servers and their settings for the attributes, complete an HTTP GET request. See the Sample Requests below for an example GET call.
Sample Requests
The following sample is an example request of an HTTP PATCH call containing the new attributes.
curl -X PATCH https://console.jumpcloud.com/api/v2/ldapservers/{LDAP_ID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
-d '{
"userLockoutAction": "remove",
"userPasswordExpirationAction": "disable"
}'
The following sample is an example request of an HTTP GET call to see a list of LDAP servers.
curl -X GET https://console.jumpcloud.com/api/v2/ldapservers/ \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}' \
Be sure to replace {API_KEY} and {LDAP_ID} with your own values and remember to remove the brackets { } around the values.