No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionServer Tools 2.0 uREST User Guide 16

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Querying LDAP Information

Querying LDAP Information

Function

This command is used to query information about an LDAP domain controller. If -I is added, the command can be used to query information about a specified domain controller, certificate information related to the specified domain controller, and LDAP user group information. If -I is not added, information about all domain controllers can be queried.

Format

./urest -H HOST -p PORT -U USERNAME -P PASSWORD getldap -I {1,2,3,4,5,6}

Parameters

Parameter

Description

Value

HOST

iBMC IP address or domain name. It is a mandatory parameter. If an IPv6 address is used, the IPv6 address must be included in square brackets, such as [1001::1001].

-

PORT

Port number. The default value is 443. It is an optional parameter.

Enter the port number if the default value 443 is not used.

USERNAME

iBMC user name. It is a mandatory parameter.

-

PASSWORD

Password of the iBMC user. It is a mandatory parameter.

-

-I {1,2,3,4,5,6}

Specifies the sequence number of a domain controller. It is an optional parameter. If -I is added, this parameter can be used to query information about a specified domain controller, certificate information related to the specified domain controller, and LDAP user group information. If -I is not added, information about all domain controllers can be queried.

1-6

Usage Guidelines

None

Example

Obtain help information.

[root@localhost bin]# ./urest -H 10.10.10.10 -U ****** -P ****** getldap -h 
usage: urest getldap [-h] [-I {0,1,2,3,4,5}] 

optional arguments: 
  -h, --help        show this help message and exit 
  -I {0,1,2,3,4,5}  LDAP Controller ID

Query information about an LDAP domain controller.

[root@localhost bin]# ./urest -H 10.10.10.10 -U ****** -P ****** getldap 
LdapServiceEnabled: True 

[LdapControllers] 
-------------------------------------------------- 
Id                              :1 
LdapServerAddress               :None 
LdapPort                        :636 
UserDomain                      :,DC= 
CertificateVerificationEnabled  :True 
-------------------------------------------------- 
Id                              :2 
LdapServerAddress               :None 
LdapPort                        :636 
UserDomain                      :,DC= 
CertificateVerificationEnabled  :False 
-------------------------------------------------- 
Id                              :3 
LdapServerAddress               :None 
LdapPort                        :636 
UserDomain                      :,DC= 
CertificateVerificationEnabled  :False 
-------------------------------------------------- 
Id                              :4 
LdapServerAddress               :None 
LdapPort                        :636 
UserDomain                      :,DC= 
CertificateVerificationEnabled  :False 
-------------------------------------------------- 
Id                              :5 
LdapServerAddress               :None 
LdapPort                        :636 
UserDomain                      :,DC= 
CertificateVerificationEnabled  :False 
-------------------------------------------------- 
Id                              :6 
LdapServerAddress               :None 
LdapPort                        :636 
UserDomain                      :,DC= 
CertificateVerificationEnabled  :False 
--------------------------------------------------

Query information about a specified LDAP domain controller.

[root@localhost bin]# ./urest -H 10.10.10.10 -U ****** -P ****** getldap -I 1
LdapServerAddress               :192.168.2.57
LdapPort                        :636
UserDomain                      :,DC=huawei
CertificateVerificationEnabled  :False
 
[CertificateInformation]
ValidTo                         :Jan 05 2027 GMT
ValidFrom                       :Jan 07 2017 GMT
SerialNumber                    :c3 51 65 b9 5c 33 b2 f5
IssueBy                         :CN=huawei.ca.com, OU=IT, O=Huawei, L=ShenZhen, S=GuangDong, C=CN
IssueTo                         :CN=10.10.2.108, OU=IT, O=Huawei, L=ShenZhen, S=GuangDong, C=CN
 
[LdapGroups]
--------------------------------------------------
MemberId                        :0
GroupName                       :None
GroupDomain                     :CN=,OU=,DC=
GroupRole                       :NoAccess
GroupLoginRule                  :None
GroupLoginInterface             :Web,SSH,Redfish
--------------------------------------------------
MemberId                        :1
GroupName                       :huawei
GroupDomain                     :CN=huawei,OU=,DC=2
GroupRole                       :Administrator
GroupLoginRule                  :Rule1
GroupLoginInterface             :Web
--------------------------------------------------
MemberId                        :2
GroupName                       :None
GroupDomain                     :CN=,OU=,DC=
GroupRole                       :NoAccess
GroupLoginRule                  :None
GroupLoginInterface             :Web,SSH,Redfish
--------------------------------------------------
MemberId                        :3
GroupName                       :None
GroupDomain                     :CN=,OU=,DC=
GroupRole                       :NoAccess
GroupLoginRule                  :None
GroupLoginInterface             :Web,SSH,Redfish
--------------------------------------------------
MemberId                        :4
GroupName                       :None
GroupDomain                     :CN=,OU=,DC=
GroupRole                       :NoAccess
GroupLoginRule                  :None
GroupLoginInterface             :Web,SSH,Redfish
--------------------------------------------------

System Response

Table 3-42 Output description

Parameter

Description

LdapServiceEnabled

Enabling status of the LDAP function.

Id

LDAP resource ID.

LdapServerAddress

LDAP resource name.

LdapPort

Port number of the domain controller.

UserDomain

User domain of the domain controller.

CertificateVerificationEnabled

Certificate enabling status.

CertificateInformation

Certificate information

  • IssueBy: indicates the organization that issued the certificate.
  • IssueTo: indicates the user of the certificate.
  • ValidFrom: indicates the start time of the certificate.
  • ValidTo: indicates the end time of the certificate.
  • SerialNumber: indicates the certificate serial number

LdapGroups

LDAP user group

MemberId

User group ID

GroupName

User group name

GroupDomain

Domain of the user group

GroupRole

User group role

GroupLoginRule

Login rules of the user group

GroupLoginInterface

Login interface. Each component is a string of characters.

Translation
Download
Updated: 2020-02-13

Document ID: EDOC1000176182

Views: 120186

Downloads: 587

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next