3PAR InForm® OS 2.3.1 CLI Administrator's Manual (320-200180 Rev B, February 2010)

4.29

LDAP Connection

InForm OS Version 2.3.1 3PAR InForm CLI Administrator’s Manual

In the example above:

■ posixGroup is the group object class.

■ cn is the attribute of the posixGroup, which has a value of the group’s name.

■ memberUid is the attribute with the value of the user’s username.

4.3.3.4 Configuring Group-To-Privilege Mapping Parameters

1 Issue the setauthparam <privilege_map> <group> command, where:

◆ <privilege_map> is one of:

◆ super-map - provides super level privileges within the specified group.

◆ service-map - provides service level privileges within the specified group.

◆ edit-map - provides edit level privileges within the specified group.

◆ browse-map - provides browse level privileges within the specified group.

◆ <group> is the group to which the user has membership, as displayed with the

checkpassword command. You can specify multiple groups.

2 Repeat step 1 above if you wish to assign users a different privilege level for another group

to which that user has membership.

3 Issue the

checkpassword command to verify that the users have the privilege(s) you

assigned for the desired group(s). Use a member of a specific group to verify the privilege.

Example:

InServ1 cli% setauthparam -f group-obj posixGroup

InServ1 cli% setauthparam -f group-name-attr cn

InServ1 cli% setauthparam -f member-attr memberUid

InServ1 cli% setauthparam -f super-map software

InServ1 cli% setauthparam -f edit-map engineering

InServ1 cli% setauthparam -f browse-map hardware