beautypg.com

Ldapcfg – Dell POWEREDGE M1000E User Manual

Page 504

background image

472

Fabric OS Command Reference

53-1001764-02

ldapCfg

2

ldapCfg

Maps LDAP AD server roles to default switch roles.

ldapcfg --maprole ldaprole switchrole

ldapcfg --unmaprole ldaprole

ldapcfg --show

ldapcfg --help

Description

Use this command to map a Lightweight Directory Access Protocol (LDAP) Active Directory (AD)
server role to one of the default roles available on a switch. This command also provides an option
to remove an existing mapping.

This command creates an alias for a customer-defined group which allows a user belonging to that
group to login to the switch with the permissions associated with the mapped switch role.

This command supports one-to-one role mapping only. For example, you might map the "SAN
administrator" role on the AD server to the "admin" role on the switch, or the "SAN maintenance"
role to the switch "operator" role. But the command fails if you attempt to map an already mapped
AD server role.

Note

The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may
be in place. Refer to chapter 1, "Using Fabric OS commands" and Appendix A, "Command
Availability"
for details.

Operands

This command takes as input an action and its associated arguments. When no operand is
specified, the command prints the usage.

This command has the following operands:

--

maprole

Maps an LDAP role to a specified switch role. The following operands are
required:

ldaprole

Specifies the LDAP role to be mapped to a switch role. The role must be a
valid AD server role.

switchrole

Specifies the switch role to which the LDAP role is mapped. Valid switch roles
include the following:

admin

user

switchadmin

zoneadmin

fabricadmin

basicswitchadmin

operator

securityadmin

--

unmaprole

Removes the mapping between an LDAP role and a switch role. Use the
--

show option for a listing of existing mappings. The following operand is

required:

ldaprole

Specifies the LDAP AD sever role to be removed from the mapping.