Veritas Storage Foundation 5.1 SP1 Cluster File System Installation Guide (5900-1510, April 2011)
To enable OpenLDAP authentication for clusters that run in secure mode
1
Add the LDAP domain to the AT configuration using the vssat command.
The following example adds the LDAP domain, MYENTERPRISE:
# /opt/VRTSat/bin/vssat addldapdomain \
--domainname "MYENTERPRISE.symantecdomain.com"\
--server_url "ldap://my_openldap_host.symantecexample.com"\
--user_base_dn "ou=people,dc=symantecdomain,dc=myenterprise,dc=com"\
--user_attribute "cn" --user_object_class "account"\
--user_gid_attribute "gidNumber"\
--group_base_dn "ou=group,dc=symantecdomain,dc=myenterprise,dc=com"\
--group_attribute "cn" --group_object_class "posixGroup"\
--group_gid_attribute "member"\
--admin_user "cn=manager,dc=symantecdomain,dc=myenterprise,dc=com"\
--admin_user_password "password" --auth_type "FLAT"
2
Verify that you can successfully authenticate an LDAP user on the SFCFS
nodes.
You must have a valid LDAP user ID and password to run the command. In
the following example, authentication is verified for the MYENTERPRISE
domain for the LDAP user, vcsadmin1.
galaxy# /opt/VRTSat/bin/vssat authenticate
--domain ldap:MYENTERPRISE.symantecdomain.com
--prplname vcsadmin1 --broker galaxy:2821
Enter password for vcsadmin1: ##########
authenticate
----------------------
----------------------
Authenticated User vcsadmin1
----------------------
253Verifying the Storage Foundation Cluster File System installation
About enabling LDAP authentication for clusters that run in secure mode