3PAR InForm® OS 2.3.1 CLI Administrator's Manual (320-200180 Rev B, February 2010)
4.15
LDAP Connection
InForm OS Version 2.3.1 3PAR InForm CLI Administrator’s Manual
4.3.1.4 Configuring Group-To-Privilege Mapping Parameters
Once you have configured the group location parameters, you must now decide what privilege
you wish to assign the users for a given group. To configure group-to-privilege mapping:
1 Issue the
setauthparam <privilege_map> <group> command, where:
◆ <privilege_map> is one of:
◆ super-map - provides super level privileges within the specified group.
◆ service-map - provides service level privileges within the specified group.
◆ edit-map - provides edit level privileges within the specified group.
◆ browse-map - provides browse level privileges within the specified group.
◆ <group> is the group to which the user has membership, as displayed with the
checkpassword command. You can specify multiple groups. For Active Directory, the
group is displayed as a string of information as shown in the following example:
CN=Software,CN=Users,DC=ACME,DC=com
2 Repeat step 1 above if you wish to assign users a different privilege level for another group
to which that user has membership.
3 Issue the
checkpassword command to verify that the users have the privilege(s) you
assigned for the desired group(s). Use a member of a specific group to verify the privilege.
Example:
In the example above:
■ Users belonging to the Software group are configured to have edit privileges within the
system.
■ Users belonging the Eng group are configured to have browse privileges within the system.
InServ1 cli% setauthparam -f edit-map CN=Software,CN=Users,DC=3par,DC=com
InServ1 cli% setauthparam -f browse-map CN=Eng,CN=Users,DC=3par,DC=com