Reference Guide
Default
LDAP
cfgLdapRoleGroup
This group allows the user to congure role groups for LDAP.
Use this object with the cong or getcong subcommands.
cfgLDAPRoleGroup is indexed, containing instances numbered from 1 to 5. Each object instance consists of a pair of properties:
• cfgLDAPRoleGroupDN — an LDAP distinguished name (DN)
• cfgLDAPRoleGroupPrivilege — a iDRAC privilege map
Each LDAP-authenticated user assumes the total set of iDRAC privileges assigned to the matching LDAP distinguished names that the
user belongs to. That is, if the user belongs to multiple role group DNs, the user receives all associated privileges for that DNs.
The following sections provide information about the objects in the cfgLdapRoleGroup.
cfgLDAPRoleGroupIndex (Read Only)
Description It is the index value of the Role Group Object.
Legal Values
An integer between 1 and 5
Default
<instance>
cfgLdapRoleGroupDN (Read or Write)
Description
It is the Domain Name of the group in this index.
Legal Values
String. Maximum length = 1024
Default
None
Example
racadm getconfig -g cfgLDAPRoleGroup -o cfgLDAPRoleGroupDN
-i 1 cn=everyone,ou=groups,dc=openldap,dc=com
cfgLdapRoleGroupPrivilege (Read or Write)
Description
A bit–mask dening the privileges associated with this particular group.
Legal Values
0x00000000 to 0x000001
Default
0x000
iDRAC Property Database Group and Object Descriptions 143