- NAME
-
- gcloud beta active-directory domains update-ldaps-settings - update the LDAPS settings for a domain
- SYNOPSIS
-
-
gcloud beta active-directory domains update-ldaps-settingsDOMAIN(--clear-certificates| [--certificate-pfx-file=PATH_TO_FILE:--certificate-password=CERTIFICATE_PASSWORD]) [--async] [GCLOUD_WIDE_FLAG …]
-
- DESCRIPTION
-
(BETA)Update a Managed Microsoft AD domain's Lightweight Directory Access Protocol over TLS/SSL (LDAPS) settings. You must be safelisted for the Managed AD LDAPS Alpha in order to use this feature. Consult the API documentation for a list of certificate requirements.This command can fail for the following reasons:
- The certificate is invalid.
- The domain specified does not exist.
- The active account does not have permission to view LDAPS settings for the domain.
- EXAMPLES
- To enable LDAPS for the first time or update the certificates being used:
gcloud beta active-directory domains update-ldaps-settings my-domain.com --certificate-pfx-file = certificate-chain-with-private-key.pfx --certificate-password = "password"To disable LDAPS:
gcloud beta active-directory domains update-ldaps-settings my-domain.com --clear-certificates - POSITIONAL ARGUMENTS
-
- Domain resource - Name of the managed Managed Microsoft AD domain you want to
update. This represents a Cloud resource. (NOTE) Some attributes are not given
arguments in this group but can be set in other ways.
To set the
projectattribute:- provide the argument
domainon the command line with a fully specified name; - provide the argument
--projecton the command line; - set the property
core/project.
This must be specified.
-
DOMAIN - ID of the domain or fully qualified identifier for the domain.
To set the
domainattribute:- provide the argument
domainon the command line.
- provide the argument
- provide the argument
- Domain resource - Name of the managed Managed Microsoft AD domain you want to
update. This represents a Cloud resource. (NOTE) Some attributes are not given
arguments in this group but can be set in other ways.
- REQUIRED FLAGS
-
- Exactly one of these must be specified:
-
--clear-certificates - Disable LDAPS by deleting all existing certificates. Certificates will need to be re-uploaded if LDAPS is to be re-enabled.
- Or at least one of these can be specified:
-
--certificate-pfx-file=PATH_TO_FILE - PKCS#12-formatted pfx file that specifies the certificate chain used to
configure LDAPS. If certificate-password is not specified, command will prompt
user for secret. Use a full or relative path to a local file containing the
value of certificate_pfx_file.
This flag argument must be specified if any of the other arguments in this group are specified.
-
--certificate-password=CERTIFICATE_PASSWORD - Password used to encrypt the PKCS#12 certificate. If not specified, command will prompt user for secret.
-
-
- Exactly one of these must be specified:
- OPTIONAL FLAGS
-
-
--async - Return immediately, without waiting for the operation in progress to complete.
-
- GCLOUD WIDE FLAGS
- These flags are available to all commands:
--access-token-file,--account,--billing-project,--configuration,--flags-file,--flatten,--format,--help,--impersonate-service-account,--log-http,--project,--quiet,--trace-token,--user-output-enabled,--verbosity.Run
$ gcloud helpfor details. - API REFERENCE
- This command uses the
managedidentities/v1beta1API. The full documentation for this API can be found at: https://cloud.google.com/managed-microsoft-ad/ - NOTES
- This command is currently in beta and might change without notice. These
variants are also available:
gcloud active-directory domains update-ldaps-settingsgcloud alpha active-directory domains update-ldaps-settings
gcloud beta active-directory domains update-ldaps-settings
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License , and code samples are licensed under the Apache 2.0 License . For details, see the Google Developers Site Policies . Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2026-05-27 UTC.
