3PAR InForm® OS 2.2.4 CLI Administrator's Manual (320-200113 Rev A, March 2009)

4.8

LDAP Connection

3PAR InForm OS CLI Administrator’s Manual InForm OS Version 2.2.4

 Configure account location parameters using the following commands:

 setauthparam accounts-dn <dn_path>

 setauthparam account-obj user

 setauthparam account-name-attr sAMAccount

 setauthparam memberof-attr memberOf

 checkpassword <user_name>

 Configure group-to-privilege mapping parameters using the following commands:

 setauthparam <privilege_map> <group>

 checkpassword <user_name>

Each step in the process above is discussed in the following sections. Each section is followed by

an example showing the implementation of the instructions described.

As you will see, a single user is used to determine group hierarchies and path structures used in

the system, which are then used to complete the LDAP configuration.

4.3.1.1 Configuring Connection Parameters

To configure connection parameters:

1 If not already known, obtain the LDAP server’s host name and Kerberos server information

by running the

ldapsearch command or using ldp.exe (available as part of the

downloadable Windows Support Tools from Microsoft). You must know the LDAP server’s IP

address.

NOTE: The examples used to illustrate the procedures described for Active

Directory LDAP configuration with SASL binding specifically use GSSAPI as the

SASL binding mechanism.

NOTE: If you do not have access to the ldapsearch command, use the ldp.exe

command shown below.