User's Manual

Using the CMC Directory Service
Configuring Generic LDAP Directory Service Using RACADM
NOTE: This feature supports both IPv4 and IPv6.
There are many options for configuring LDAP logins. In most cases, some
options can be left at their default settings.
NOTE: For first-time setups, it is highly recommended to test the LDAP
settings with the racadm testfeature -f LDAP command.
Required property changes include enabling LDAP logins, setting the server
FQDN or IP, and configuring the base DN of the LDAP server.
$ racadm config -g cfgLDAP -o cfgLDAPEnable 1
$ racadm config -g cfgLDAP -o cfgLDAPServer 192.168.0.1
$ racadm config -g cfgLDAP -o cfgLDAPBaseDN dc=company,dc=com
CMC can optionally be configured to query a DNS server for SRV records. If
the cfgLDAPSRVLookupEnable property is enabled, the cfgLDAPServer
property is ignored. The following query is used to search the DNS for SRV
records:
_ldap._tcp.domainname.com
In the above query, ldap is the value of the cfgLDAPSRVLookupServiceName
property and domainname.com is the value of the
cfgLDAPSRVLookupDomainName property.
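With SRV lookup enabled, the DNS answer rather than cfgLDAPServer decides which LDAP server receives login attempts, so it is worth checking that answer against the approved servers first. The following is an added example, not part of the manual or of RACADM: it builds the query name from the two lookup properties, ranks `dig +short SRV` answers, and reports any target outside an allow-list. The hostnames, the sample answer, the allow-list and the use of dig are assumptions; the ordering is standard SRV semantics (lowest priority first, then highest weight), and the page does not state how CMC chooses among several answers.

```shell
# Added example (not from the manual). Hostnames and DNS answers are constructed.

# Build the SRV query name from the two lookup properties.
# $1 = cfgLDAPSRVLookupServiceName, $2 = cfgLDAPSRVLookupDomainName
srv_query_name() {
    printf '_%s._tcp.%s\n' "$1" "${2%.}"
}

# stdin: `dig +short SRV` lines ("priority weight port target.").
# stdout: "target:port", lowest priority first, then highest weight.
# Malformed lines are dropped.
rank_srv() {
    awk 'NF == 4 && $1 ~ /^[0-9]+$/ && $2 ~ /^[0-9]+$/ && $3 ~ /^[0-9]+$/ {
             sub(/\.$/, "", $4)
             print $1, $2, tolower($4) ":" $3
         }' | sort -k1,1n -k2,2nr | awk '{ print $3 }'
}

# $1 = space-separated allow-list of approved "host:port" entries.
# stdin: rank_srv output. Prints each target missing from the allow-list
# and returns 1 if there was at least one.
unexpected_targets() (
    allowed=" $1 "
    rc=0
    while IFS= read -r target; do
        case "$allowed" in
            *" $target "*) ;;
            *) printf '%s\n' "$target"; rc=1 ;;
        esac
    done
    exit "$rc"
)

# Constructed sample of `dig +short SRV _ldap._tcp.domainname.com` output.
SAMPLE_SRV='10 50 389 ldap2.domainname.com.
0 100 389 ldap1.domainname.com.
10 80 389 LDAP3.domainname.com.'

# Live use on a management station (assumes dig is installed):
#   dig +short SRV "$(srv_query_name ldap domainname.com)" | rank_srv |
#       unexpected_targets "ldap1.domainname.com:389 ldap2.domainname.com:389"
```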
Usage
To log in to CMC as an LDAP user, enter the username at the login prompt
and the user's password at the password prompt. If an LDAP user cannot be
logged in for any reason, CMC falls back and attempts a local login
with the same username and password. This allows a login if network
connectivity is broken or the LDAP server is not reachable. Because the
fallback applies to any LDAP login failure, a local account with the same
username and password can still log in while LDAP is enabled.
Getting Help
CMC's tracelog contains some information on why a user may fail to log in.
To triage LDAP login failures, it is recommended to use the racadm
testfeature -f LDAP command with debugging turned on.