No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Command Reference 10

OceanStor 5300 V3, 5500 V3, 5600 V3, 5800 V3, and 6800 V3 Storage System V300R003

"Based on the CLI, this document describes how to use various commands classified by functions and how to set the CLI and manage the storage system through these commands. The document that you browse online matches the latest C version of the product. Click Download to download documents of other C versions."
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
create ldap authconfig

create ldap authconfig

Function

The create ldap authconfig command is used to configure LDAP servers. If "host_list" is configured, "port" is mandatory, indicating that the authentication is implemented by a specified LDAP server. If "host_list" is not configured, "port" is optional, indicating that the authentication is implemented by a domain controller that is detected using the DNS.

Format

create ldap authconfig type=? base_dn=? bind_dn=? bind_password=? user_search_path=? over_ssl=? [ user_id_attr=? | user_name_attr=? | group_id_attr=? | group_name_attr=? | group_member_attr=? | user_objectclass=? | group_objectclass=? | group_search_path=? | host_list=? | port=? ] *

Parameters

Parameter

Description

Value

type=? Type of a server.

The value is case-insensitive and can be "LDAP" or "AD", where:

  • "LDAP": common LDAP protocol.
  • "AD": Active Directory (AD) protocol.
host_list=? IP address list of an LDAP server.

The value contains a maximum of four IP addresses separated by commas (,). You can access the LDAP server by using any of the four IP addresses.

port=? ID of the listening port on an LDAP server.

The value is an integer between 1 and 65535.

base_dn=? Base distinguished name (DN). This parameter defines a start point for searching on an LDAP directory server.

The value is in the format of cn=, ou=, dc=.

bind_dn=? DN bound with an LDAP server. If anonymous binding is not supported on an LDAP server, you must bind DNs before you can retrieve the information about users or user groups.

The value is in the format of cn=, ou=, dc=.

bind_password=? Password of the bound DN.

The value contains 1 to 64 characters.

user_search_path=? LDAP directory server path under which users will be searched for.

The value is in the format of cn=, ou=, dc=.

group_search_path=? LDAP directory server path under which user groups will be searched for.

The value is in the format of cn=, ou=, dc=.

over_ssl=? Whether to enable SSL communication for an LDAP server.

The value can be "yes" or "no", where:

  • "yes": The SSL function is used.
  • "no": The SSL function is not used.
The default value is "no".
user_id_attr=? Attribute of a user ID.

The default value can be "uidNumber" or "uSNCreated", where:

  • "uidNumber": This value is used when "type=?" is set to "LDAP".
  • "uSNCreated": This value is used when "type=?" is set to "AD".
user_name_attr=? Attribute of a user name.

The default value can be "uid" or "sAMAccountName", where:

  • "uid" is used when "type=?" is set to "LDAP".
  • "sAMAccountName" is used when "type=?" is set to "AD".
group_id_attr=? Attribute of a user group ID.

The default value can be "gidNumber" or "uSNCreated", where:

  • "gidNumber" is used when "type=?" is set to "LDAP".
  • "uSNCreated" is used when "type=?" is set to "AD".
group_name_attr=? Attribute of a user group name.

The default value can be "cn" or "sAMAccountName", where:

  • "cn" is used when "type=?" is set to "LDAP".
  • "sAMAccountName" is used when "type=?" is set to "AD".
group_member_attr=? Attribute of a user group member name.

The default value can be "uniqueMember" or "member", where:

  • "uniqueMember" is used when "type=?" is set to "LDAP".
  • "member" is used when "type=?" is set to "AD".
user_objectclass=? Name of a class to which a user belongs.

The default value can be "posixAccount" or "user", where:

  • "posixAccount" is used when "type=?" is set to "LDAP".
  • "user" is used when "type=?" is set to "AD".
group_objectclass=? Name of a class to which a user group belongs.

The default value can be "groupOfUniqueNames" or "group", where:

  • "groupOfUniqueNames" is used when "type=?" is set to "LDAP".
  • "group" is used when "type=?" is set to "AD".

Level

Super administrator

Usage Guidelines

  • The configuration information about the LDAP server must be consistent with that on the server end, otherwise the LDAP function may not work properly.
  • To ensure secure data transmission, you are advised to use Secure Sockets Layer(SSL) encryption.

Example

Configure an LDAP server. The type of the server is LDAP, the IP addresses of the server are respectively "192.168.3.4" and "192.168.5.2", the listening port is port "389", the basic DN is "cn=JohnDoe","ou=cd","dc=example","dc=com", the bound DN is "cn=Manager","ou=cq","dc=example","dc=com", the password of the bound DN is "123456", the path under which users will be searched for is "userpath", the path under which user groups will be searched for is "grouppath". Enable the SSL communication for the LDAP server. Keep the default values of other parameters.

admin:/>create ldap authconfig type=LDAP base_dn=cn=JohnDoe,ou=cd,dc=example,dc=com bind_dn=cn=Manager,ou=cq,dc=example,dc=com bind_password=****** user_search_path=cn=emply over_ssl=yes host_list=192.168.3.4,192.168.5.2 port=389
Command executed successfully.

System Response

None

Translation
Download
Updated: 2019-07-22

Document ID: EDOC1000084195

Views: 347445

Downloads: 1583

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next