Users Guide

182 Using the iDRAC6 Directory Service
12. In the LDAP Server Address field, enter the fully qualified domain name
(FQDN) or the IP address of the LDAP server. To specify multiple
redundant LDAP servers that serve the same domain, provide the list of all
servers separated by commas. iDRAC6 tries to connect to each server in
turn, until it makes a successful connection.
13. Enter the port used for LDAP over SSL in the LDAP Server Port field. The
default is 636.
14
In the
Bind DN
field, enter the DN of a user used to bind to the server
when searching for the login user’s DN. If not specified, an anonymous
bind is used.
15. Enter the Bind Password to use in conjunction with the Bind DN. This is
required if anonymous bind is not allowed.
16. In the Base DN to Search field, enter the DN of the branch of the
directory where all searches should start.
17. In the Attribute of User Login field, enter the user attribute to search for.
The default is UID. It is recommended that this attribute be unique within the
chosen Base DN; otherwise, a search filter must be configured to ensure the
uniqueness of the login user. If the user DN cannot be uniquely identified by
the search combination of attribute and search filter, the login fails.
18. In the Attribute of Group Membership field, specify which LDAP
attribute should be used to check for group membership. This should be
an attribute of the group class. If not specified, iDRAC6 uses the
member and uniquemember attributes.
19. In the Search Filter field, enter a valid LDAP search filter. Use the filter if
the user attribute cannot uniquely identify the login user within the
chosen Base DN. If not specified, the value defaults to objectClass=*,
which searches for all objects in the tree. This additional search filter
configured by the user applies only to the user DN search and not to the group
membership search.
20. Click Next to go to the Step 3a of 3 Generic LDAP Configuration and
Management page. Use this page to configure the privilege groups used to
authorize users. When generic LDAP is enabled, Role Group(s) are used
to specify authorization policy for iDRAC6 users.
NOTE: In this release, unlike AD, you do not need to use special characters
("@", "\", and "/") to differentiate an LDAP user from a local user. You should
only enter your user name to log in, and should not include the domain name.
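The Base DN, Attribute of User Login, Search Filter and Attribute of Group Membership settings from steps 16 to 19 can be checked against a directory layout before they are entered. The following is an added example, not code from the guide or from iDRAC6; the directory entries, the dc=example,dc=com names and the AND-combination of login attribute and Search Filter are assumptions made for illustration.

```python
# Added example, not iDRAC6 firmware code. Models the lookup set up in steps 16-19.
# Assumption: login attribute and Search Filter are combined with a logical AND.

def escape_filter_value(value):
    """RFC 4515 escaping, so a typed login name cannot change the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def build_user_filter(login_attr, username, search_filter="objectClass=*"):
    """Filter string for the user DN search; Search Filter defaults as in step 19."""
    extra = search_filter if search_filter.startswith("(") else "(%s)" % search_filter
    return "(&(%s=%s)%s)" % (login_attr, escape_filter_value(username), extra)

def in_base(dn, base_dn):
    """True if dn is the Base DN or sits below it (simple suffix comparison)."""
    dn, base_dn = dn.lower(), base_dn.lower()
    return dn == base_dn or dn.endswith("," + base_dn)

def has_value(attrs, name, value):
    return value.lower() in [v.lower() for v in attrs.get(name, [])]

def resolve_user_dn(entries, base_dn, login_attr, username, extra=None):
    """Return the one matching DN, or None (login fails) on zero or several matches.
    extra: optional (attribute, value) equality test standing in for Search Filter."""
    hits = [dn for dn, attrs in entries
            if in_base(dn, base_dn) and has_value(attrs, login_attr, username)
            and (extra is None or has_value(attrs, extra[0], extra[1]))]
    return hits[0] if len(hits) == 1 else None

def is_member(group_attrs, user_dn, membership_attr=None):
    """Use the configured group attribute, else member and uniquemember (step 18)."""
    names = [membership_attr] if membership_attr else ["member", "uniquemember"]
    return any(user_dn.lower() == v.lower() for n in names for v in group_attrs.get(n, []))

# Constructed sample data: two entries share uid=jsmith under dc=example,dc=com.
PEOPLE_DN = "uid=jsmith,ou=people,dc=example,dc=com"
DIRECTORY = [
    (PEOPLE_DN, {"uid": ["jsmith"], "objectClass": ["inetOrgPerson"]}),
    ("uid=jsmith,ou=service,dc=example,dc=com", {"uid": ["jsmith"], "objectClass": ["account"]}),
]
GROUP = {"uniquemember": [PEOPLE_DN]}

if __name__ == "__main__":
    print(build_user_filter("uid", "jsmith"))
    print(resolve_user_dn(DIRECTORY, "dc=example,dc=com", "uid", "jsmith"))
    print(resolve_user_dn(DIRECTORY, "dc=example,dc=com", "uid", "jsmith", ("objectClass", "inetOrgPerson")))
    print(is_member(GROUP, PEOPLE_DN))
```

With the broad Base DN the lookup is ambiguous and returns no DN, which corresponds to the failed login described in step 17; narrowing the Base DN or adding a filter makes the match unique.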