Brocade Network Advisor SAN User Manual v12.0.0 (53-1002696-01, April 2013)
Brocade Network Advisor SAN User Manual 157
53-1002696-01
LDAP authorization on the Management server
6
LDAP authorization on the Management server
NOTE
You must have User Management Read and Write privileges to map roles and AORs to Active
Directory (AD) groups.
NOTE
You must configure an LDAP server as the primary authentication server and set LDAP Authorization
as the authorization preference (refer to “Configuring LDAP server authentication” on page 297).
Lightweight Directory Access Protocol (LDAP) authorization enables you to configure user access
rights to AD groups (including users, contacts, computers, and other AD groups) by assigning roles
and AORs to groups in the Management application. LDAP provides user authentication and
authorization using the AD service in conjunction with LDAP on the switch.
Assigning roles and AORs to an AD group
Using LDAP authentication, you assign users to groups within the LDAP server, and assign roles and
AORs to the groups within the Management application.
To assign roles and AORs to an AD group, complete the following steps.
1. Select Server > Users.
The Users dialog box displays.
2. Click the LDAP Authorization tab.
3. Select the roles and AORs you want to assign to the AD group in the Available Roles / AORs
table.
Select multiple roles and AORs by holding down the CTRL key and clicking more than one role
and AOR.
4. Select the AD group to which you want to assign the selected roles and AORs in the Active
Directory Groups table.
If the AD group you want does not display in the table, refer to “Loading an AD group” on
page 158.
5. Click the right arrow button.
The selected roles and AORs are moved to the Active Directory Groups table.
6. Click Apply to save your work
When you assign roles and AORs to an AD group and save the configurations, when you reopen
the Users dialog box and select the LDAP Authorization tab, only the configured AD group is
available.