User guide
UI name CLI name
(Provider.cfg)
Description and requirements
- - -
This user must have Read all inetOrgPerson
information in Active Directory. The InetOrgPerson
object class is used in several non-Microsoft,
Lightweight Directory Access Protocol (LDAP) and
X.500 directory services to represent people in an
organization.
To set this privilege in Active Directory, open Active
Directory Users and Computers, right click on the
domain, and select Delegate Control... . Click
Next, then select the user that you are using for
managerdn and click Next. The required
permission is on the next screen "Read all
inetOrgPerson information."
Example:
CN=Manager,CN=Users,DC=mydomaincontroller,D
C=com
In this example, the Active Directory Bind user is
Manager, in the Users tree of the
mydomaincontroller.com domain. Usually
managerdn is a user who has fewer privileges than
Administrator, but has sufficient privileges to query
Active Directory for users attributes and group
information.
WARNING
You must update this value in ViPR if the
managerdn credentials change in Active Directory.
Manager Password
passwd_user The password of the managerdn user.
WARNING
You must update this value in ViPR if the
managerdn credentials change in Active Directory.
Disabled disable Select Disabled if you want to add the server to
ViPR but not immediately use it for authentication.
(Regardless of whether this property is true, ViPR
validates that the provider's name and domain are
unique.)
Group Attribute groupattr Indicates the Active Directory attribute that is used
to identify a group. Used for searching the directory
by groups.
Example: CN
Active Directory only. Does not apply to other
authentication providers.
Initial Configuration of ViPR Virtual Appliance
42 EMC ViPR 1.1.0 Installation and Configuration Guide