HP 3PAR Operating System Software User Manual
Page 77
For an LDAP configuration with SASL binding, the following in formation is provided:
Description
Field
Group
The IP address of the LDAP server.
LDAP Server
General
(With HP 3PAR OS 3.1.2 or higher, the LDAP server name can
be either an IP address or a DNS server name.
Indicates the port of the LDAP server (default 389 for non-SSL,
636 for SSL)
Port
When the Domain Name Prefix is set, the value of the attribute
specified by the Domain Name Attribute is a candidate domain
Domain Name Attribute
name. The value of domain-name-prefix is a character string
used to extract the domain name from the candidate. The value
is an optional exclamation point ('!') followed by a character
string called the prefix. The exclamation point is a flag that
means the presence of the prefix is required and is described
more below.
The candidate domain name is searched for the presence of
the prefix and if found, the domain name starts after the first
occurrence of the prefix and stops before the first space or tab
following it or at the end of the candidate domain name.
If the prefix is not found, the behavior depends on the flag. If
the exclamation point was not used (there is no flag), the
candidate domain name becomes the domain name. If the flag
is present, the candidate domain name is rejected and there is
no domain name. As a last step, and as described for the
Domain Name Attribute, domain names can be truncated and
have invalid characters replaced.
When set, the mapping of groups to domains is enabled. For
a user that is a member of a group that maps to a role, the
Domain Name Prefix
value of the Domain Name Attribute is used to look up an
attribute in the group that holds the name of a domain. If the
domain is too long or contains characters that are not allowed
in a domain name, the name is truncated to the maximum length
of a domain name and invalid characters are replaced with an
underscore ('_').
Indicates whether LDAP users are allowed to set a publish SSH
key using the CLI command setsshkey.
Allow SSH Key
Viewing an LDAP Configuration
77