beautypg.com

Configuring ldap id mapping – HP StoreAll Storage User Manual

Page 66

background image

ibrix_ldapconfig -a -h LDAPSERVERHOST [-P LDAPSERVERPORT] -b LDAPBINDDN

-p LDAPBINDDNPASSWORD -w LDAPWRITEOU -B LDAPBASEOFSEARCH -n NETBIOS -E

ENABLESSL [-f CERTFILEPATH] [-c CERTFILECONTENTS]

The options are:

The LDAP server host (server name or IP address).

-h LDAPSERVERHOST

The LDAP server port.

-P LDAPSERVERPORT

The LDAP bind Distinguished Name. For example:
cn=hpx9000-readonly-user,dc=enxt,dc=net

.

-b LDAPBINDDN

The LDAP bind password.

-p LDAPBINDDNPASSWORD

The LDAP write Organizational Unit, or OU (for example,
ou=x9000Config,,ou=configuration,dc=enxt,dc=net

).

-w LDAPWRITEOU

The LDAP base for searches (for example, ou=people,cd=enx,dc=net).

-B LDAPBASEOFSEARCH

The NetBIOS name, such as X9000.

-n NETBIOS

The type of certificate required. Enter 0 for no certificate, 1 for TLS, or 2 for SSL.

-E ENABLESSL

The path to the TLS or SSL certificate file, such as /usr/local/ibrix/ldap/
key.pem

.

-f CERTFILEPATH

The contents of the certificate file. Copy the contents and paste them between quotes.

-c CERTFILECONTENTS

Modify an LDAP configuration:

ibrix_ldapconfig -m -h LDAPSERVERHOST [-P LDAPSERVERPORT] [e|D] [-b

LDAPBINDDN] [-p LDAPBINDDNPASSWORD] [-w LDAPWRITEOU] [-B

LDAPBASEOFSEARCH] [-n NETBIOS] [-E ENABLESSL] [-f CERTFILEPATH] [-c

CERTFILECONTENTS]

View the LDAP configuration:

ibrix_ldapconfig -i

Delete LDAP settings for an LDAP server host:

ibrix_ldapconfig -d -h LDAPSERVERHOST

Enable LDAP:

ibrix_ldapconfig -e -h LDAPSERVERHOST

Disable LDAP:

ibrix_ldapconfig -D -h LDAPSERVERHOST

Configuring LDAP ID mapping

Use the ibrix_ldapidmapping command to configure LDAP ID mapping as a secondary lookup
source for Active Directory. LDAP ID mapping can be used only for CIFS shares.

Add an LDAP ID mapping:

ibrix_ldapidmapping -a -h LDAPSERVERHOST -B LDAPBASEOFSEARCH [-P

LDAPSERVERPORT] [-b LDAPBINDDN] [-p LDAPBINDDNPASSWORD] [-m MAXWAITTIME]

[-M MAXENTRIES] [-n] [-s] [-o] [-u]

This command automatically enables LDAP RFC 2307 ID Mapping. The options are:

The LDAP server host (server name or IP address).

-h LDAPSERVERHOST

The LDAP base for searches (for example, ou=people,cd=enx,dc=net).

-B LDAPBASEOFSEARCH

The LDAP server port (TCP port 389).

-P LDAPSERVERPORT

The LDAP bind Distinguished Name (the default is anonymous). For example:
cn=hpx9000-readonly-user,dc=enxt,dc=net

.

-b LDAPBINDDN

66

Configuring authentication for CIFS, FTP, and HTTP

See also other documents in the category HP Storage: