Adding entries to the directory, Assigning a user to a group, Assigning the ldap role to a switch role – Brocade Fabric OS Administrators Guide (Supporting Fabric OS v7.3.0) User Manual

# Indices to maintain
index objectClass eq
overlay memberof

Adding entries to the directory

To add entries in the OpenLDAP directory, perform the following steps.

1. Using a text editor of your choice, create a .ldif file and enter the information for the entry.

The following example defines an organizational role for the Directory Manager in a .ldif file for an
organization with the domain name mybrocade.com.

# Organization for mybrocade Corporation
dn: dc=mybrocade,dc=com
objectClass: dcObject
objectClass: organization
dc: mybrocade
o: Mybrocade Corporation
description: Mybrocade Corporation

############################################################################
# Organizational Role for Directory Manager
dn: cn=Manager,dc=mybrocade,dc=com
objectClass: organizationalRole
cn: Manager
description: Directory Manager

2. Enter the ldapadd command to add the contents of the .ldif file to the directory, where test.ldif is the file you created in step 1.

switch:admin> ldapadd -D cn=Manager,dc=mybrocade,dc=com -x -w secret -f test.ldif

Assigning a user to a group

Before you can assign a user to a group, the memberOf overlay must be added to the slapd.conf file.
Refer to "Enabling group membership" on page 163 for details.

1. In a .ldif file, create a "groupOfNames" objectClass entry with the name of the group, for example, "admin," to create a group.

2. Set a "member" attribute for the group instance to identify the member, as in this example:

"cn=Sachin,cn=Users,dc=mybrocade,dc=com"

Automatically, the "memberOf" attribute of the entry Sachin will have the value
"cn=admin,ou=groups,dc=mybrocade,dc=com", which assigns Sachin to the admin group.

3. Enter the ldapadd command.

For example, the .ldif file might contain information similar to the following:

#Groups in organization
dn: ou=groups,dc=mybrocade,dc=com
objectclass: organizationalunit
ou: groups
description: generic groups branch

dn: cn=admin,ou=groups,dc=mybrocade,dc=com
objectclass: groupofnames
cn: admin
description: Members having admin permission
#Add members for admin group
member: cn=sachin,cn=Users,dc=mybrocade,dc=com
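The following is an added example, not part of the Brocade guide: a pre-flight check that reads a group .ldif like the one above and lists which user DNs will receive which memberOf values, so that membership of a privileged group such as admin can be reviewed before ldapadd is run. The function names are hypothetical, the DN normalisation is a simplification (lower-casing and trimming spaces around commas), and base64-encoded ("::") values are assumed not to occur.

```python
# Constructed sample, based on the group entries shown in this section.
SAMPLE_LDIF = """\
#Groups in organization
dn: ou=groups,dc=mybrocade,dc=com
objectclass: organizationalunit
ou: groups

dn: cn=admin,ou=groups,dc=mybrocade,dc=com
objectclass: groupofnames
cn: admin
#Add members for admin group
member: cn=sachin,cn=Users,dc=mybrocade,dc=com
"""

def norm_dn(dn):
    """Simplified DN normalisation (assumption): lower-case, no spaces around commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_ldif(text):
    """Return a list of entries, each a dict of lower-cased attribute -> [values]."""
    entries, current, last = [], {}, None
    for line in text.splitlines() + [""]:
        if line.startswith("#"):
            last = None                        # comment line, allowed inside an entry
        elif not line.strip():                 # blank line closes the current entry
            if current:
                entries.append(current)
            current, last = {}, None
        elif line.startswith(" "):
            if last:
                current[last][-1] += line[1:]  # folded continuation of the previous value
        else:
            attr, _, value = line.partition(":")
            last = attr.strip().lower()
            current.setdefault(last, []).append(value.strip())
    return entries

def expected_memberof(entries):
    """Map each member DN to the groupOfNames DNs it would be reported under."""
    result, empty = {}, []
    for e in entries:
        if "groupofnames" not in [v.lower() for v in e.get("objectclass", [])]:
            continue
        group = norm_dn(e["dn"][0])
        if not e.get("member"):
            empty.append(group)                # groupOfNames requires at least one member
        for m in e.get("member", []):
            result.setdefault(norm_dn(m), []).append(group)
    return result, empty
```

Because DNs are compared in normalised form, the "cn=Sachin" spelling used in step 2 and the "cn=sachin" spelling in the .ldif file resolve to the same user.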

Assigning the LDAP role to a switch role

Use the ldapCfg --maprole command to map LDAP server permissions to one of the default roles
available on a switch.

Fabric OS Administrators Guide

53-1003130-01