HP 3PAR StoreServ 7450 4-node HP 3PAR Command Line Interface Administrator& - Page 38
Configuring LDAP Connections on Systems Using Domains, HP 3PAR StoreServ Storage, Concepts Guide
View all HP 3PAR StoreServ 7450 4-node manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 38 highlights
rights within the system, all engineering group members have Edit rights within the system, and all hardware group members have Browse rights within the system. Configuring LDAP Connections on Systems Using Domains LDAP is also available for systems using virtual domains for access control. The configuration process is nearly identical to configuring LDAP on non-Domain systems, with the only difference being an additional authorization step to map a user's group to a domain. For information about LDAP and domains, see "Lightweight Directory Access Protocol" in the HP 3PAR StoreServ Storage Concepts Guide. To configure your system to use an Active Directory LDAP server using SASL binding, the following process must be performed (detailed instructions follow): • Configure connection parameters using the following commands: ◦ setauthparam ldap-server ◦ setauthparam ldap-server-hn ◦ setauthparam kerberos-realm • Configure binding (authentication) parameters using the following commands: ◦ setauthparam binding sasl ◦ setauthparam sasl-mechanism • Configure account location parameters using the following commands: ◦ setauthparam accounts-dn ◦ setauthparam account-obj user ◦ setauthparam account-name-attr sAMAccount ◦ setauthparam memberof-attr memberOf ◦ checkpassword • Configure group-to-role mapping parameters using the following command: setauthparam • Configure group-to-domain mapping parameters using the following commands: ◦ setauthparam group-obj group ◦ setauthparam domain-name-attr , and optionally setauthparam domain-name-prefix ◦ checkpassword The following instructions describe how to set up an Active Directory LDAP connection on a system using Domains: 1. Follow the directions as described in the following sections: a. "Configuring Connection Parameters" (page 23) b. "Configuring Binding Parameters" (page 24) c. "Configuring Account Location Parameters" (page 24) d. "Configuring Group-to-Role Mapping Parameters" (page 26); however, do not issue the checkpassword command. 38 Managing User Accounts and Connections