OpenLDAP 2.4, Configuring LDAP, General tab – HP StoreEver ESL G3 Tape Libraries User Manual

Page 69: Access tab, General tab access tab

OpenLDAP 2.4

You must install and run OpenLDAP 2.4 or later. The supported objects in OpenLDAP 2.4 and
above are of type Person or derived objects, and the group objects must be of type
GroupOfNames.

OpenLDAP must be compiled with overlay support and requires the installation of the memberOf
overlay. More information can be found in the OpenLDAP man pages with the
man slapo-memberof command.

Configuring LDAP

To configure LDAP:

1. Select Setup → User Configuration → LDAP.

The LDAP Configuration dialog box appears with the General tab displayed.

2. On the General tab, you can enable or disable LDAP functionality:

To enable LDAP, select Enable LDAP.

To disable LDAP, clear the Enable LDAP check box.

3. To configure or modify LDAP, use the appropriate tabs and set the following configurations:

General tab

You can enable or disable LDAP functionality:

To enable LDAP, select Enable LDAP.

To disable LDAP, clear the Enable LDAP check box.

Server Configuration

Enter the IP address or the DNS name for the Primary and Alternate LDAP servers. Only the
primary is required.

To enter a server's DNS name, the library must already be configured for DNS. The DNS
configuration is enabled by going to Setup → Network Configuration → DNS Configuration. If the
library is not configured for DNS, then only hex characters are allowed in the Primary and Alternate
fields (0-9, a-f).

The Secure check box enables the setup options to access a secure LDAP server, which can be
done using any port except 389. The default secure port is 636. If you enable this option, you
must retrieve the Trusted Root Certificate from the server by clicking the Retrieve TR button. Retrieval
can take several minutes. A dialog box displays basic Trusted Root Certificate information, such
as the subject name and the MD5 and SHA-1 hashes. It is recommended that you verify this information
independently on the LDAP server.
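The independent check recommended above can be scripted. The following is an added example, not part of the HP manual: it recomputes the MD5 and SHA-1 fingerprints from a CA certificate file exported on the LDAP server and compares them with the values typed in from the dialog box. The function names and the sample certificate bytes are assumptions constructed for illustration.

```python
import base64
import hashlib
import hmac
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)


def pem_to_der(pem_text):
    """Return the DER bytes of the first certificate in a PEM file."""
    m = PEM_RE.search(pem_text)
    if not m:
        raise ValueError("no PEM certificate block found")
    return base64.b64decode("".join(m.group(1).split()), validate=True)


def normalize(fp):
    """'AB:cd ef' -> 'abcdef'; reject anything that is not hex."""
    cleaned = re.sub(r"[\s:.-]", "", fp).lower()
    if not re.fullmatch(r"[0-9a-f]+", cleaned):
        raise ValueError("fingerprint is not hex: %r" % fp)
    return cleaned


def fingerprints(der):
    """A certificate fingerprint is a digest of its DER encoding."""
    return {"md5": hashlib.md5(der).hexdigest(),
            "sha1": hashlib.sha1(der).hexdigest()}


def dialog_matches(pem_text, shown_md5, shown_sha1):
    """True only if BOTH values shown in the dialog match the local file."""
    local = fingerprints(pem_to_der(pem_text))
    shown = {"md5": normalize(shown_md5), "sha1": normalize(shown_sha1)}
    # compare_digest also returns False for truncated (shorter) values.
    return all(hmac.compare_digest(shown[k], local[k]) for k in local)


# Constructed stand-in for the CA certificate exported on the LDAP server.
# These bytes are not a real certificate; the digest logic is the same.
SAMPLE_DER = b"constructed-sample-root-ca-der-bytes"
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER).decode()
              + "-----END CERTIFICATE-----\n")
```

If either value differs, do not accept the retrieved certificate, because the connection used for retrieval may not have reached the intended server.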

Port: Enter the appropriate port in this field. The default port for non-secure connections is 389,
and it is 636 for secure (SSL-based) LDAP connections. The port setting can be changed.

Search Information

The User and Password boxes should contain the user name and password of an LDAP server user
with sufficient privileges to query the LDAP server. These are the login credentials that are sent to
the LDAP server. The credentials are sent in the LDAP distinguished name format. The format required
is specific to the LDAP server being accessed. The LDAP administrator can provide the information
needed. As an example, the LDAP distinguished name for a local LDAP server is:

[email protected],OU=US,OU=Users,OU=Accounts,DC=global,DC=local,DC=net

Access tab

Context Information
