Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC6 for Blade Servers Version 3.2

161

162

163

164

165

166

167

168

169

170

164 Using iDRAC6 Directory Service

Enter the port used for LDAP over SSL in the

LDAP Server Port

field. The

default is 636.

In the

Bind DN

field, enter the DN of a user used to bind to the server

when searching for the login user’s DN. If not specified, an anonymous

bind is used.

Enter the

Bind Password

to use in conjunction with the

Bind DN

. This is

required if anonymous bind is not allowed.

In the

Base DN to Search

field, enter the DN of the branch of the

directory where all searches should start.

In the

Attribute of User Login

field, enter the user attribute to search for.

Default is UID. It is recommended that this be unique within the chosen

Base DN, else a search filter must be configured to ensure the uniqueness

of the login user. If the user DN cannot be uniquely identified by the

search combination of attribute and search filter, the login will fail.

In the

Attribute of Group Membership

field, specify which LDAP

attribute should be used to check for group membership. This should be

an attribute of the group class. If not specified, iDRAC6 uses the

member

and

uniquemember

attributes.

In the

Search Filter

field, enter a valid LDAP search filter. Use the filter if

the user attribute cannot uniquely identify the login user within the

chosen Base DN. If not specified, the value defaults to

objectClass=*

which searches for all objects in the tree. This additional search filter

configured by the user applies only to userDN search and not the group

membership search.

Click

to go to the

Step 3a of 3

Generic LDAP Configuration and

Management

page. Use this page to configure the privilege groups used to

authorize users. When generic LDAP is enabled, Role Group(s) are used

to specify authorization policy for iDRAC6 users.

Under

Role Groups

, click a

Role Group

The

Step 3b of 3 Generic LDAP Configuration and Management

page is

displayed. Use this page to configure each Role Group used to control

authorization policy for users.

Enter the

Group Distinguished Name (DN)

that identifies the role group

in the generic LDAP Directory Service associated with iDRAC6.