
Mapping an active directory group to a switch role – Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual


53-1003231-02


Mapping an Active Directory group to a switch role

A maximum of 16 AD groups can be mapped to the switch roles.

To map an Active Directory (AD) group to a switch role, perform the following steps.

1. Issue the RPC to configure the node in the urn:brocade.com:mgmt:brocade-aaa namespace.

2. Under the node, include the / hierarchy of node elements.

3. Under the node, include the following leaf elements.

a. In the element, use a character string to specify the AD group you want to map to a switch role.

b. In the element, specify the switch role to which you want to apply the AD group.

In the following example, a Brocade user with the admin role inherits all privileges associated with
the Active Directory Administrator group.

Administrator

admin

Removing the mapping of an Active Directory to a switch role

To remove an AD group mapping from a switch role, perform the following steps.

1. Issue the RPC to configure the node in the urn:brocade.com:mgmt:brocade-aaa namespace.

2. Under the node, include the / hierarchy of node elements.

3. Under the node, include the following leaf elements.

4. In the element, specify the AD group you want to unmap and include the delete operation in the element tag.
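The two procedures above (mapping and removing a mapping) can be expressed as one request builder. This is an added example, not code from the Brocade guide: the element names did not survive on this page, so `NAMES` holds obvious placeholders to be replaced from the brocade-aaa YANG module, and the `running` target datastore and the `mapped` parameter (the groups already mapped on the switch) are assumptions.

```python
import xml.etree.ElementTree as ET

NC = "urn:ietf:params:xml:ns:netconf:base:1.0"  # NETCONF base namespace (RFC 6241)
AAA = "urn:brocade.com:mgmt:brocade-aaa"        # namespace given on this page
MAX_AD_GROUPS = 16                              # limit stated on this page

# Placeholders: the element names are missing from this page. Replace them
# with the names from the brocade-aaa YANG module before sending anything.
NAMES = {
    "path": ["NODE-PLACEHOLDER", "LEVEL1-PLACEHOLDER", "LEVEL2-PLACEHOLDER"],
    "group": "GROUP-LEAF-PLACEHOLDER",
    "role": "ROLE-LEAF-PLACEHOLDER",
}


def build_rpc(ad_group, switch_role=None, delete=False, mapped=(), names=NAMES):
    """Return the <edit-config> RPC (as a string) that maps or unmaps ad_group."""
    if not ad_group or not ad_group.strip():
        raise ValueError("AD group name must be a non-empty string")
    if not delete:
        if not switch_role:
            raise ValueError("a switch role is required when mapping")
        # Refuse a new mapping that would exceed the documented maximum.
        if ad_group not in mapped and len(mapped) >= MAX_AD_GROUPS:
            raise ValueError("at most %d AD groups can be mapped" % MAX_AD_GROUPS)

    rpc = ET.Element(f"{{{NC}}}rpc", {"message-id": "1"})
    edit = ET.SubElement(rpc, f"{{{NC}}}edit-config")
    target = ET.SubElement(edit, f"{{{NC}}}target")
    ET.SubElement(target, f"{{{NC}}}running")  # assumed target datastore
    parent = ET.SubElement(edit, f"{{{NC}}}config")
    for tag in names["path"]:  # node, then the two-level hierarchy under it
        parent = ET.SubElement(parent, f"{{{AAA}}}{tag}")
    group = ET.SubElement(parent, f"{{{AAA}}}{names['group']}")
    group.text = ad_group  # ElementTree escapes markup characters on output
    if delete:
        # The delete operation is an attribute on the group leaf itself.
        group.set(f"{{{NC}}}operation", "delete")
    else:
        ET.SubElement(parent, f"{{{AAA}}}{names['role']}").text = switch_role
    return ET.tostring(rpc, encoding="unicode")
```

Building the payload with an XML library rather than string concatenation means a group name containing markup characters is escaped and cannot alter the structure of the request.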