Loading ...
Loading ...
Loading ...
![](https://files.manualsfile.com/86937454-evma2130x-new/bg81.png)
Configuring/Commissioning/Testing LDAP
Servicing the Network Management Module – 129
1.
2.
3.
4.
a.
b.
5.
6.
7.
1.
2.
3.
4 Servicing the Network Management Module
4.1 Configuring/Commissioning/Testing LDAP
4.1.1 Commissioning
Refer to the section
Contextual help>>>Settings>>>Local users to get help on the configuration.
4.1.1.1 Configuring connection to LDAP database
This step configures the LDAP client of the network module to request data from an LDAP base.
Activate LDAP.
Define security parameters according to LDAP servers' requirements.
Configure primary server (and optionally a secondary one).
If security configuration needs server certificate verification, import your LDAP server certificate.
Refer to the section to get help on certificate import.
In case LDAP server certificate is self-signed, import the self-signed certificate in the
Trusted remote certificate
list
for
LDAP
service.
in case LDAP server certificate has been signed by a CA, import the corresponding CA in the
Certificate authorities
(CA)
list for
LDAP
service.
Configure credentials to bind with the LDAP server or select
anonymous
if no credentials are required.
Configure the
Search base DN
.
Configure the request parameters (see examples below).
4.1.1.1.1 Typical request parameters
ParameterOpenLDAPActive Directory™ with POSIX
account activated
Active Directory™
User base DNou=users, dc=example, dc=comou=users, dc=example, dc=comou=users, dc=example, dc=com
User name attributeuiduidsAMAccountName
UID attributeuidNumberuidNumberobjectSid:S-1-5-xx-yy-zz (domain SID)
Group base DNou=groups, dc=example, dc=comou=groups, dc=example, dc=comou=groups, dc=example, dc=com
Group name attributegidgidsAMAccountName
GID attributegidNumbergidNumberobjectSid:S-1-5-xx-yy-zz (domain SID)
4.1.1.2 Testing connection to LDAP database
Refer to the sectionInformation>>>CLI>>>ldap-testto get help on the CLI command.
To test connection to the LDAP database:
Connect to the CLI.
Launch
ldap-test --checkusername
command.
In case of error, use the
verbose
option ofthe command to investigate the reason.
Loading ...
Loading ...
Loading ...