Users Guide
Configuring Generic LDAP Directory Service Using CMC Web-Based Interface
To configure the generic LDAP directory service:
NOTE: You must have Chassis Configuration Administrator privilege.
1 In the system tree, go to Chassis Overview, and then click User Authentication > Directory Services.
2 Select Generic LDAP.
The settings to be configured for standard schema are displayed on the same page.
3 Specify the following:
NOTE: For information about the various fields, see the CMC Online Help.
• Common Settings
• Server to use with LDAP:
– Static server — Specify the FQDN or IP address and the LDAP port number.
– DNS server — Specify the DNS server to retrieve a list of LDAP servers by searching for their SRV record within the DNS.
The following DNS query is performed for SRV records:
_[Service Name]._tcp.[Search Domain]
where <Search Domain> is the root level domain to use within the query and <Service Name> is the service name to use within the query.
For example:
_ldap._tcp.dell.com
where ldap is the service name and dell.com is the search domain.
4 Click Apply to save the settings.
NOTE: You must apply the settings before continuing. If you do not apply the settings, the settings are lost when you navigate to the next page.
5 In the Group Settings section, click a Role Group. The Configure LDAP Role Group page is displayed.
6 Specify the group domain name and privileges for the role group.
7 Click Apply to save the role group settings, click Go Back To Configuration page, and then select Generic LDAP.
8 If you have selected the Certificate Validation Enabled option, then in the Manage Certificates section, specify the CA certificate to validate the LDAP server certificate during SSL handshake and click Upload.
The certificate is uploaded to CMC and the details are displayed.
9 Click Apply.
The generic LDAP directory service is configured.
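Added example, not part of the Dell guide: a Python sketch for reviewing the SRV answers that the DNS server option in step 3 depends on, before the settings are applied. It assumes answers in `dig +short SRV` layout (priority, weight, port, target); the function names, the sample records and the out-of-domain check are constructed for illustration.

```python
# Added example: review the SRV answers a "DNS server" LDAP lookup would use.
# SAMPLE_ANSWERS is constructed data in `dig +short SRV` layout, not real output.
from typing import NamedTuple


class SrvRecord(NamedTuple):
    priority: int
    weight: int
    port: int
    target: str


def srv_query_name(service_name, search_domain):
    """Build _[Service Name]._tcp.[Search Domain] as the guide describes."""
    return f"_{service_name.strip('_.')}._tcp.{search_domain.strip('.').lower()}"


def parse_srv(lines):
    """Parse 'priority weight port target.' lines; reject malformed ones."""
    records = []
    for line in lines.strip().splitlines():
        fields = line.split()
        if len(fields) != 4 or not all(f.isdigit() for f in fields[:3]):
            raise ValueError(f"malformed SRV answer: {line!r}")
        prio, weight, port = (int(f) for f in fields[:3])
        if not 0 < port <= 65535:
            raise ValueError(f"port out of range: {line!r}")
        records.append(SrvRecord(prio, weight, port, fields[3].rstrip(".").lower()))
    return records


def review(records, search_domain):
    """Order servers for review (lowest priority first, then highest weight;
    RFC 2782 picks among equal priorities by weighted chance) and list the
    targets that fall outside the search domain."""
    domain = search_domain.strip(".").lower()
    ordered = sorted(records, key=lambda r: (r.priority, -r.weight, r.target))
    outside = [r.target for r in ordered
               if r.target != domain and not r.target.endswith("." + domain)]
    return ordered, outside


SAMPLE_ANSWERS = """
10 50 389 ldap2.example.com.
0 100 636 ldap1.example.com.
10 100 389 ldap3.example.net.
"""

if __name__ == "__main__":
    print(srv_query_name("ldap", "dell.com"), review(parse_srv(SAMPLE_ANSWERS), "example.com"))
```

SRV answers are only as trustworthy as the DNS path that delivers them, so an unexpected target is a reason to enable Certificate Validation and upload the CA certificate as in step 8.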
Configuring Generic LDAP Directory Service Using RACADM
To configure the LDAP directory service, use the objects in cfgLdap and cfgLdapRoleGroup RACADM groups.
There are many options to configure LDAP logins. In most of the cases, some options can be used with their default settings.
NOTE: It is highly recommended to use the racadm testfeature -f LDAP command to test the LDAP settings for first-time setups. This feature supports both IPv4 and IPv6.
Configuring User Accounts and Privileges 159