3PAR InForm® OS 2.3.1 CLI Administrator's Manual (320-200180 Rev B, February 2010)

4.12

LDAP Connection

3PAR InForm CLI Administrator’s Manual InForm OS Version 2.3.1

4.3.1.2 Configuring Binding Parameters

After you have configured the connection parameters to your LDAP server, you must configure

the binding (authentication) parameters for users.

1 Issue the

setauthparam binding sasl command.

2 Issue the

setauthparam sasl-mechanism <SASL_type> command, where <type> is

specified as

PLAIN, DIGEST-MD5, or GSSAPI.

For information on binding types, see Chapter 4, LDAP, in the InForm OS Concepts Guide

Example:

In the example above, GSSAPI SASL binding is used for authentication.

4.3.1.3 Configuring Account Location Parameters

To configure the account location parameters:

1 If you are unsure of the user’s account information, select a known user’s full name (to be

entered as the

cn value) and run the ldapsearch command using the

defaultNamingContext value previously displayed in 4.3.1.1 Configuring Connection

Parameters on page 4.10. Make a note of the group information displayed in the

command’s output.

2 Issue the

setauthparam accounts-dn <dn_path> command.

3 Issue the

setauthparam account-obj user command.

4 Issue the

setauthparam account-name-attr sAMAccount command.

5 Issue the

setauthparam memberof-attr memberOf command.

6 Issue the checkpassword command to obtain information about the user’s group

membership(s) from the LDAP server.

InServ1 cli% setauthparam -f binding sasl

InServ1 cli% setauthparam -f sasl-mechanism GSSAPI

NOTE: You must know the user’s password in order to successfully use the

checkpassword command.