3PAR InForm® OS 2.2.4 CLI Administrator's Manual (320-200113 Rev A, March 2009)

4.14

LDAP Connection

3PAR InForm OS CLI Administrator’s Manual InForm OS Version 2.2.4

Example:

In the example above:

 Users belonging to the Software group are configured to have edit privileges within the

system.

 Users belonging the Eng group are configured to have browse privileges within the system.

In the example above:

 3PARuser is a member of the Software group and is assigned edit level privileges within

the system.

 Although 3PARuser is also a member of the Eng group, the edit privilege associated with

the

Software group supersedes the browse privilege associated with the Eng group.

 The mapping rules set for 3PARuser are applied to all members of the Software group

and

Eng groups; all Software group members have edit privileges within the system and

all

Eng group members have browse privileges within the system.

InServ1 cli% setauthparam -f edit-map CN=Software,CN=Users,DC=3par,DC=com

InServ1 cli% setauthparam -f browse-map CN=Eng,CN=Users,DC=3par,DC=com

InServ1 cli% checkpassword 3PARuser

...

+ search result: memberOf: CN=Software,CN=Users,DC=3par,DC=com

+ search result: memberOf: CN=Eng,CN=Users,DC=3par,DC=com

+ search result: memberOf: CN=Golfers,CN=Users,DC=3par,DC=com

+ mapping rule: edit mapped to by CN=Software,CN=Users,DC=3par,DC=com

+ rule match: edit mapped to by CN=Software,CN=Users,DC=3par,DC=com

+ mapping rule: browse mapped to by CN=Eng,CN=Users,DC=3par,DC=com

+ rule match: browse mapped to by CN=Eng,CN=Users,DC=3par,DC=com

user 3PARuser is authenticated and authorized