Reference Guide
Simple
Simple authentication means the NAS Server must provide a bind distinguished name and
password to access the LDAP-based directory server.
Kerberos
Kerberos authentication means the NAS Server uses a KDC to confirm the identity when
accessing the Active Directory.
-base_DN
Name of the LDAP base DN. Base Distinguished Name (BDN) of the root of the LDAP directory
tree. The appliance uses the DN to bind to the LDAP service and locate in the LDAP directory
tree to begin a search for information. The base DN can be expressed as a fully-qualified
domain name or in X.509 format by using the attribute dc=. For example, if the fully-
qualified domain name is mycompany.com, the base DN is expressed as
dc=mycompany,dc=com.
-addresses
The list of LDAP server IP addresses. The addresses may be IPv4 or IPv6.
-add_addresses
IP addresses to add to the current server IP addresses list. The addresses may be IPv4 or
IPv6. Error occurs if an IP address already exists in the addresses list. Cannot be combined
with addresses.
-remove_addresses
IP addresses to remove from the current server IP addresses list. The addresses may be IPv4
or IPv6. Error occurs if an IP address does not exist in the addresses_list. Cannot be
combined with addresses.
-port_number
The TCP/IP port used by the NAS Server to connect to the LDAP servers.
-protocol
Indicates whether the LDAP protocol uses SSL for secure network communication. SSL
encrypts data over the network and provides message and server authentication.
LDAP
LDAP protocol without SSL.
LDAPS
(Default) LDAP protocol with SSL. When you enable LDAPS, make sure to specify the
appropriate LDAPS port (usually port 636) and to upload an LDAPS trust certificate to the
LDAP server.
-is_verify_server_certificate
Indicates whether Certification Authority certificate is used to verify the LDAP server
certificate for secure SSL connections. Values are:
355
Dell EMC PowerStore CLI Reference Guide