Installation Guide

OceanStor 5000, 5000F, 6000, and 6000F V5 Series V500R007

This document is applicable to OceanStor 5110 V5, 5110F V5, 5300 V5, 5300F V5, 5500 V5, 5500F V5, 5600 V5, 5600F V5, 5800 V5, 5800F V5, 6800 V5, and 6800F V5 storage systems. It describes hardware installation of those storage systems to help you complete the installation quickly and easily.
Preparing LDAP Domain Configuration Data

Collect the configuration data of an LDAP domain server in advance to add storage systems to the LDAP domain.

LDAP Domain Parameters

LDAP data is organized in a tree structure that clearly lays out organizational information. A node on this tree is called an Entry. Each Entry has a distinguished name (DN). The DN of an Entry is composed of the Base DN and the relative distinguished name (RDN). The Base DN refers to the position of the parent node where the Entry resides on the tree, and the RDN refers to an attribute (such as UID or CN) that distinguishes the Entry from others.

LDAP directories are organized like file system directories. For example, directory dc=redmond,dc=wa,dc=microsoft,dc=com can be regarded as the following path of a file system directory: com\microsoft\wa\redmond. In another example, directory cn=user1,ou=user,dc=example,dc=com, cn=user1 indicates a user name and ou=user indicates the organization unit of an Active Directory (AD), that is, user1 is in the user organization unit of the example.com domain.

The following figure shows the data structure of an LDAP server:

Table 10-4 describes the meanings of LDAP entry acronyms.

Table 10-4 Meanings of LDAP entry acronyms

Acronym   Meaning
o         Organization
ou        Organization Unit
c         Country Name
dc        Domain Component
sn        Surname
cn        Common Name

Obtaining LDAP Configuration Data in Windows

OpenLDAP is a free and open implementation of LDAP that is now widely used in popular Linux distributions. Using OpenLDAP as an example, the following steps describe how to obtain LDAP configuration data.

NOTE:

The OpenLDAP installation package is not provided on the OpenLDAP website, but on the Userbooster website. The installation package supports the following Windows operating systems: Windows XP, Windows Server 2003, Windows Server 2008, Windows Vista, Windows 7, Windows 8, and Windows Server 2012.

  1. Open the OpenLDAP installation directory.
  2. Find the slapd.conf system configuration file.
  3. Use text editing software to open the configuration file and search for the following fields:
    suffix "dc=example,dc=com" 
    rootdn  "cn=Manager,dc=example,dc=com" 
     
    rootpw    XXXXXXXXXXXX     
    • dc=example,dc=com corresponds to Base DN on the storage system configuration page.
    • cn=Manager,dc=example,dc=com corresponds to Bind DN on the storage system configuration page.
    • XXXXXXXXXXXX corresponds to Bind Password on the storage system configuration page. If the password is in ciphertext, contact LDAP server administrators to obtain the password.
  4. Find configuration files (with .ldif as the file name extension) of users and user groups that need to access storage systems.
    NOTE:

    LDAP Interchange Format (LDIF) is one of the most common file formats for LDAP applications. It is a standard mechanism that represents directories in text format, and it allows users to import data to and export data from the directory server. LDIF files store LDAP configurations and directory contents, and you can obtain parameter information from LDIF files.

  5. Use text editing software to open the configuration file and find the DNs of a user and a user group that correspond to User Directory and Group Directory respectively on the storage system configuration page.
    # Root on the top
    dn: dc=example,dc=com
    dc: example
    objectClass: domain
    objectClass: top

    # First organization unit name: user
    dn: ou=user,dc=example,dc=com
    ou: user
    objectClass: organizationalUnit
    objectClass: top

    # Second organization unit name: group
    dn: ou=group,dc=example,dc=com
    ou: group
    objectClass: organizationalUnit
    objectClass: top

    # The first user represents user1 that belongs to organization unit user in the organizational structure topology.
    dn: cn=user1,ou=user,dc=example,dc=com
    cn: user1
    objectClass: posixAccount
    objectClass: shadowAccount
    objectClass: inetOrgPerson
    sn: user1
    uid: user1
    uidNumber: 2882
    gidNumber: 888
    homeDirectory: /export/home/ldapuser
    loginShell: /bin/bash
    userPassword: {ssha}eoWxtWNl8YbqsulnwFwKMw90Cx5BSU9DRA==xxxxxx

    # The second user represents user2 that belongs to organization unit user in the organizational structure topology.
    dn: cn=user2,ou=user,dc=example,dc=com
    cn: user2
    objectClass: posixAccount
    objectClass: shadowAccount
    objectClass: inetOrgPerson
    sn: client
    uid: client
    uidNumber: 2883
    gidNumber: 888
    homeDirectory: /export/home/client
    loginShell: /bin/bash
    userPassword: {ssha}eoWxtWNl8YbqsulnwFwKMw90Cx5BSU9DRA==xxxxxx

    # The first user group represents group1 that belongs to organization unit group in the organizational structure topology. The group contains user1 and user2.
    # Each memberUid line names a user that belongs to the group.
    dn: cn=group1,ou=group,dc=example,dc=com
    cn: group1
    gidNumber: 888
    memberUid: user1
    memberUid: user2
    objectClass: posixGroup

Obtaining LDAP Configuration Data in Linux

Using OpenLDAP as an example, the following steps describe how to obtain LDAP configuration data.

  1. Log in to an LDAP server as user root.
  2. Run the cd /etc/openldap command to go to the /etc/openldap directory.
    linux-ldap:~ # cd /etc/openldap 
    linux-ldap:/etc/openldap #
  3. Run the ls command to view system configuration file slapd.conf and the configuration file (with .ldif as the file name extension) of users and user groups that need to access storage systems.
    linux-ldap:/etc/openldap #ls 
    example.ldif ldap.conf schema slap.conf slap.con slapd.conf
  4. Run the cat command to open system configuration file slapd.conf where you can view related parameters.
    linux-ldap:/etc/openldap #cat slapd.conf 
     
    suffix "dc=example,dc=com" 
    rootdn  "cn=Manager,dc=example,dc=com" 
     
    rootpw    XXXXXXXXXXXX     
    • dc=example,dc=com corresponds to Base DN on the storage system configuration page.
    • cn=Manager,dc=example,dc=com corresponds to Bind DN on the storage system configuration page.
    • XXXXXXXXXXXX corresponds to Bind Password on the storage system configuration page. If the password is in ciphertext, contact LDAP server administrators to obtain the password.
  5. Run the cat command to open the example.ldif file. Find the DNs of a user and a user group that correspond to User Directory and Group Directory respectively on the storage system configuration page. For a description of the parameters, see Step 5 (Example of LDIF Files in Windows).
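
The field mapping from both procedures above (slapd.conf to Base DN, Bind DN and Bind Password; LDIF entries to User Directory and Group Directory), as an added Python example that is not part of the original guide. The sample inputs are constructed, and the function names parse_slapd_conf and parse_ldif_dirs are hypothetical.

```python
import re

# Constructed sample inputs, modelled on the slapd.conf and LDIF excerpts above.
SLAPD_CONF = '''suffix "dc=example,dc=com"
rootdn  "cn=Manager,dc=example,dc=com"
rootpw    {SSHA}CONSTRUCTED-PLACEHOLDER
'''
LDIF = '''# constructed sample
dn: cn=user1,ou=user,dc=example,dc=com
objectClass: posixAccount
uid: user1

dn: cn=group1,ou=group,
 dc=example,dc=com
objectClass: posixGroup
memberUid: user1
'''

def parse_slapd_conf(text):
    """Map suffix/rootdn/rootpw to Base DN/Bind DN and flag a hashed rootpw."""
    found = {}
    for line in text.splitlines():
        m = re.match(r'\s*(suffix|rootdn|rootpw)\s+"?([^"]*?)"?\s*$', line)
        if m:
            found[m.group(1)] = m.group(2)
    return {
        "Base DN": found.get("suffix"),
        "Bind DN": found.get("rootdn"),
        # A {SCHEME} prefix means the value is a hash, not the Bind Password.
        "Bind Password in ciphertext":
            bool(re.match(r"\{[\w-]+\}", found.get("rootpw", ""))),
    }

def parse_ldif_dirs(text):
    """Return the parent DNs of posixAccount and posixGroup entries."""
    text = re.sub(r"\r?\n ", "", text)  # unfold LDIF continuation lines
    dirs = {"User Directory": set(), "Group Directory": set()}
    for entry in re.split(r"\n\s*\n", text):
        dn, classes = None, set()
        for line in entry.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            key, value = (part.strip() for part in line.split(":", 1))
            if key.lower() == "dn":
                dn = value
            elif key.lower() == "objectclass":
                classes.add(value.lower())
        parts = re.split(r"(?<!\\),", dn, maxsplit=1) if dn else []
        if len(parts) == 2 and "posixaccount" in classes:
            dirs["User Directory"].add(parts[1])
        if len(parts) == 2 and "posixgroup" in classes:
            dirs["Group Directory"].add(parts[1])
    return dirs
```

When "Bind Password in ciphertext" is true, the rootpw value cannot be entered as Bind Password, which is the case where the guide says to contact the LDAP server administrators.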
Updated: 2019-07-11

Document ID: EDOC1000181531
