User's Manual
Using the CMC Directory Service
Configuring Generic LDAP Directory Service Using RACADM
NOTE: This feature supports both IPv4 and IPv6.
There are many options for configuring LDAP logins. In most cases, some
options can be left at their default settings.
NOTE: It is highly recommended to use the 'racadm testfeature -f LDAP' command
to test the LDAP settings for first-time setups.
Required property changes include enabling LDAP logins, setting the server
FQDN or IP, and configuring the base DN of the LDAP server.
• $ racadm config -g cfgLDAP -o cfgLDAPEnable 1
• $ racadm config -g cfgLDAP -o cfgLDAPServer 192.168.0.1
• $ racadm config -g cfgLDAP -o cfgLDAPBaseDN dc=company,dc=com
The CMC can optionally be configured to query a DNS server for SRV
records. If the cfgLDAPSRVLookupEnable property is enabled, the
cfgLDAPServer property is ignored. The following query is used to search the
DNS for SRV records:
_ldap._tcp.domainname.com
ldap in the above query is the cfgLDAPSRVLookupServiceName property.
cfgLDAPSRVLookupDomainName is configured to be domainname.com.
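A pre-check for the SRV lookup described above, as an added example (not from the manual): it builds the name the CMC would query from the two lookup properties, lists the targets in a constructed `dig +short SRV` answer, and prints the racadm commands only if targets exist. The hostnames, the helper function names, and the placement of the SRV properties in the cfgLDAP group are assumptions.

```shell
#!/bin/sh
# Added example: verify the SRV name before enabling cfgLDAPSRVLookupEnable,
# because cfgLDAPServer is ignored once SRV lookup is on.

# Build the SRV query name from the two lookup properties:
#   $1 = cfgLDAPSRVLookupServiceName (e.g. ldap)
#   $2 = cfgLDAPSRVLookupDomainName  (e.g. domainname.com)
srv_query_name() {
    svc=${1#_}    # helper tolerates a leading underscore in its input
    dom=${2%.}    # helper tolerates a trailing dot in its input
    if [ -z "$svc" ] || [ -z "$dom" ]; then
        echo "service name and domain name are both required" >&2
        return 1
    fi
    printf '_%s._tcp.%s\n' "$svc" "$dom"
}

# Read `dig +short SRV` lines ("priority weight port target.") on stdin and
# print "target:port", lowest priority value first (RFC 2782 ordering).
srv_targets() {
    sort -k1,1n -k2,2nr | awk 'NF == 4 { sub(/\.$/, "", $4); print $4 ":" $3 }'
}

# Print (do not run) the commands that switch the CMC to SRV lookup.
# Assumption: the SRV properties live in the cfgLDAP group.
srv_enable_commands() {
    printf 'racadm config -g cfgLDAP -o cfgLDAPSRVLookupServiceName %s\n' "$1"
    printf 'racadm config -g cfgLDAP -o cfgLDAPSRVLookupDomainName %s\n' "$2"
    printf 'racadm config -g cfgLDAP -o cfgLDAPSRVLookupEnable 1\n'
}

# Constructed sample answer; hostnames are placeholders, not from the manual.
# Live check instead (needs dig and network access):
#   dig +short SRV "$(srv_query_name ldap domainname.com)" | srv_targets
SAMPLE_ANSWER='10 50 389 ldap2.domainname.com.
0 100 636 ldap1.domainname.com.'

name=$(srv_query_name ldap domainname.com) || exit 1
echo "SRV name to be queried: $name"
targets=$(printf '%s\n' "$SAMPLE_ANSWER" | srv_targets)
if [ -n "$targets" ]; then
    echo "$targets"
    srv_enable_commands ldap domainname.com
else
    echo "no SRV records found; keep using cfgLDAPServer" >&2
fi
```

An empty target list means the DNS zone does not publish the record, and enabling the lookup in that state would leave the CMC without an LDAP server to contact.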
Usage
To log in to the CMC as an LDAP user, enter the username at the login
prompt and the user's password at the password prompt. If an LDAP user
cannot be logged in for any reason, the CMC falls back and attempts a
local login with the same username and password. This allows a login if
network connectivity is broken or the LDAP server is not reachable.
Getting Help
The CMC's tracelog contains some information on why a user may fail to
log in. To triage LDAP login failures, it is recommended to use the racadm
testfeature -f LDAP command with debugging turned on.