An LDAP connector is configured at the users auth-server ldap level.
To create an LDAP connector, use the following command:
Admin@nodename# create users auth-server ldap <parameter>
Provide the following parameters:
Parameter | Description |
---|---|
name | LDAP connector name. |
enabled | Enable/disable the auth server. |
description | LDAP connector description. |
ssl | Values: |
address | Controller IP address or the LDAP domain name. |
bind-dn | The username used to connect to the server. Format: DOMAIN\username or username@domain. The user must be a user in the domain. |
password | The user's password for connecting to the domain. |
domains | List of domains served by the domain controller. |
search-roots | The list of LDAP server paths relative to which the system will search for users and groups. Specify the full name, e.g., ou=Office,dc=example,dc=com. If the search paths are not specified, the system will search over the entire directory, starting from the root. |
To edit information about an existing LDAP connector, use the following command:
Admin@nodename# set users auth-server ldap <ldap-server-name> <parameter>
The parameters available to update are the same as those for creating an LDAP connector.
To display information on an LDAP connector, use the following command:
Admin@nodename# show users auth-server ldap <ldap-server-name>
Example commands to create and edit an LDAP connector:
Admin@nodename# create users auth-server ldap name "New LDAP connector" ssl on address 10.10.0.10 bind-dn ug@testd.local password 12345 domains [ testd.local ] search-roots [ dc=testd,dc=local ] enabled on

Admin@nodename# show users auth-server ldap "New LDAP connector"
name : New LDAP connector
enabled : on
ssl : on
address : 10.10.0.10
bind-dn : ug@testd.local
domains : testd.local
search-roots : dc=testd,dc=local
keytab_exists : off

Admin@nodename# set users auth-server ldap "New LDAP connector" description "New LDAP connector description"

Admin@nodename# show users auth-server ldap "New LDAP connector"
name : New LDAP connector
description : New LDAP connector description
enabled : on
ssl : on
address : 10.10.0.10
bind-dn : ug@testd.local
domains : testd.local
search-roots : dc=testd,dc=local
keytab_exists : off
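The following Python script is an added example, not part of the product or its documentation. It reviews saved `show users auth-server ldap` output against the parameter descriptions above: ssl, the bind-dn format, and missing search-roots. It assumes the `key : value` layout shown in the sample output with one value per field, and the check that a search root sits under the listed domain is a heuristic introduced here.

```python
import re

# Constructed sample in the layout of the page's `show` output (not real data).
SAMPLE = """\
name : Branch LDAP
enabled : on
ssl : off
address : 10.10.0.10
bind-dn : ug
domains : testd.local
keytab_exists : off
"""

# The two bind-dn formats the parameter table allows.
BIND_DN = re.compile(r"^(?:[^\\@\s]+\\[^\\@\s]+|[^\\@\s]+@[^\\@\s]+)$")

def parse_show(text):
    """Turn 'key : value' lines into a dict; other lines are skipped."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(" : ")
        if sep:
            fields[key.strip()] = value.strip()
    return fields

def domain_to_dn(domain):
    """testd.local -> dc=testd,dc=local"""
    return ",".join("dc=" + part for part in domain.lower().split("."))

def audit(fields):
    """Return findings for one connector (single-valued fields assumed)."""
    findings = []
    if fields.get("ssl") != "on":
        findings.append("ssl is not on: bind credentials are not protected by TLS")
    if not BIND_DN.match(fields.get("bind-dn", "")):
        findings.append("bind-dn is not DOMAIN\\username or username@domain")
    root = fields.get("search-roots", "").lower().replace(" ", "")
    if not root:
        findings.append("no search-roots: searches start from the directory root")
    elif "domains" in fields:
        suffix = domain_to_dn(fields["domains"])
        # Heuristic added here, not a product rule: root should sit under the domain.
        if root != suffix and not root.endswith("," + suffix):
            findings.append("search-roots is outside the listed domain")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_show(SAMPLE)):
        print(finding)
```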
To delete an LDAP connector, use the following command:
Admin@nodename# delete users auth-server ldap <ldap-server-name> <parameter>
You can also delete individual parameters of an LDAP connector. You can delete the following parameters:
- domains
- search-roots