3PAR InForm® OS 2.2.4 CLI Administrator's Manual (320-200113 Rev A, March 2009)
4.30
LDAP Connection on Systems Using Domains
3PAR InForm OS CLI Administrator’s Manual InForm OS Version 2.2.4
setauthparam account-name-attr sAMAccount
setauthparam memberof-attr memberOf
checkpassword <user_name>
Configure group-to-privilege mapping parameters using the following command:
setauthparam <privilege_map> <group>
Configure group-to-domain mapping parameters using the following commands:
setauthparam group-obj group
setauthparam domain-name-attr <attribute>, and optionally
setauthparam domain-name-prefix <prefix>
checkpassword <user_name>
The following instructions describe how to set up an Active Directory LDAP connection on an
InServ Storage Server using domains:
1 Follow the directions as described in the following sections:
a 4.3.1.1 Configuring Connection Parameters on page 4.8
b 4.3.1.2 Configuring Binding Parameters on page 4.10
c 4.3.1.3 Configuring Account Location Parameters on page 4.11
d 4.3.1.4 Configuring Group-To-Privilege Mapping Parameters on page 4.13; however, do
not issue the
checkpassword command.
2 Configure the group-to-domain mapping parameters, as follows:
Issue the setauthparam domain-name-attr <attribute> command, where
<attribute> is the name of an attribute that holds the potential domain name. A
common parameter to specify as the
<attribute> is name.
(Optional) Issue the setauthparam domain-name-prefix <prefix> command,
where <prefix> is the start point of the domain name search within the information
returned from the
domain-name-attr <attribute> parameter described above. An
example parameter to specify as the <prefix> is InServDomain=.
3 Issue the
checkpassword command to verify that the users have the privilege(s) you
assigned for the desired group(s) and the group-to-domain mapping is correct. Use a
member of a specific group to verify the privilege.