Users Guide

To authenticate a user:
1. Optionally bind to the Directory Service. The default is an anonymous bind.
2. Search for the user based upon their user login. The default attribute is uid.
If more than one object is found, then the process returns an error.
3. Unbind and perform a bind with the user's DN and password.
If the bind fails, then the login fails.
If these steps succeed, the user is authenticated.
Authorization of LDAP Users
To authorize a user:
1. Search each configured group for the user's domain name within the member or uniqueMember attributes.
2. The privileges of every group that the user is a member of are added together.
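The authentication and authorization steps above, modelled as an added Python example (not CMC's own code). The in-memory directory, group names, privilege bit values and the empty-password refusal are constructed assumptions, and the password comparison stands in for the LDAP bind.

```python
import re

# Constructed directory: DN -> attributes (clear-text passwords only for the demo).
ALICE = "uid=alice,ou=people,dc=example,dc=com"
USERS = {
    ALICE: {"uid": "alice", "pw": "s3cret"},
    "uid=bob,ou=people,dc=example,dc=com": {"uid": "bob", "pw": "hunter2"},
    "uid=bob,ou=contractors,dc=example,dc=com": {"uid": "bob", "pw": "hunter2"},
}
# Constructed role groups: group DN -> (member DNs, hypothetical privilege bits).
LOGIN, CONFIG, DEBUG = 0x1, 0x2, 0x4
GROUPS = {
    "cn=operators,dc=example,dc=com": ({ALICE}, LOGIN),
    "cn=admins,dc=example,dc=com": ({ALICE}, CONFIG | DEBUG),
}

def escape_filter(value):
    """Escape RFC 4515 special characters so a login cannot alter the filter."""
    return re.sub(r'[\\*()\x00]', lambda m: "\\%02x" % ord(m.group()), value)

def search(filter_str):
    """Toy evaluator for one equality filter '(attr=value)'; a bare '*' is a wildcard."""
    attr, value = filter_str[1:-1].split("=", 1)
    unhex = lambda s: re.sub(r"\\([0-9a-fA-F]{2})", lambda m: chr(int(m.group(1), 16)), s)
    pattern = "".join(".*" if p == "*" else re.escape(unhex(p))
                      for p in re.split(r"(\*)", value))
    return [dn for dn, e in USERS.items() if re.fullmatch(pattern, e.get(attr, ""))]

def authenticate(login, password, attr="uid"):
    """Return the user's DN on success, None on any failure."""
    if not password:        # assumption: refuse empty passwords before any bind
        return None
    matches = search("(%s=%s)" % (attr, escape_filter(login)))
    if len(matches) != 1:   # no object, or more than one object: error
        return None
    dn = matches[0]
    return dn if USERS[dn]["pw"] == password else None  # stands in for the bind

def authorize(dn):
    """OR together the privileges of every group that lists the DN as a member."""
    privs = 0
    for members, bits in GROUPS.values():
        if dn in members:
            privs |= bits
    return privs
```

The login bob is rejected even with the right password because the search returns two objects, which is the error case in step 2.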
Configuring Generic LDAP Directory Service Using CMC Web-Based Interface
To configure the generic LDAP directory service:
NOTE: You must have Chassis Configuration Administrator privilege.
1. In the system tree, go to Chassis Overview, and then click User Authentication > Directory Services.
2. Select Generic LDAP.
The settings to be configured for standard schema are displayed on the same page.
3. Specify the following:
NOTE: For information about the various fields, see the CMC Online Help.
Common Settings
Server to use with LDAP:
Static server — Specify the FQDN or IP address and the LDAP port number.
DNS server — Specify the DNS server to retrieve a list of LDAP servers by searching for their SRV record within the DNS.
The following DNS query is performed for SRV records:
_[Service Name]._tcp.[Search Domain]
where [Search Domain] is the root level domain to use within the query and [Service Name] is the service name to use within the query.
For example:
_ldap._tcp.dell.com
where ldap is the service name and dell.com is the search domain.
4. Click Apply to save the settings.
NOTE: You must apply the settings before continuing. If you do not apply the settings, the settings are lost when you navigate to the next page.
5. In the Group Settings section, click a Role Group. The Configure LDAP Role Group page is displayed.
6. Specify the group domain name and privileges for the role group.
7. Click Apply to save the role group settings, click Go Back To Configuration page, and then select Generic LDAP.
8. If you have selected the Certificate Validation Enabled option, then in the Manage Certificates section, specify the CA certificate used to validate the LDAP server certificate during the SSL handshake, and click Upload.
The certificate is uploaded to CMC and the details are displayed.
9. Click Apply.
The generic LDAP directory service is configured.