3PAR InForm® OS 2.2.4 CLI Administrator's Manual (320-200113 Rev A, March 2009)

4.19

LDAP Connection

InForm OS Version 2.2.4 3PAR InForm OS CLI Administrator’s Manual

In the example above, the setauthparam command is issued to set the CA certificate to the

ca.cer file.

4.3.2.4 Configuring Account Location Parameters

To configure the account location parameters:

1 If you are unsure of the user’s account information, select a known user’s full name (to be

entered as the

cn value) and run the ldapsearch command using the

defaultNamingContext value previously displayed in 4.3.2.1 Configuring Connection

Parameters on page 4.16. Make a note of the group information displayed in the

command’s output.

2 Issue the

setauthparam accounts-dn <DN_path> command.

3 Issue the

setauthparam account-obj user command.

4 Issue the

setauthparam account-name-attr sAMAccount command.

5 Issue the

setauthparam memberof-attr memberOf command.

6 Issue the

checkpassword command to obtain information about the user’s group

membership(s) from the LDAP server.

Example:

The example above corresponds to step 1 on page 4.19, and displays the following:

 joadmin is the user name of the NT Windows domain (NTDOM1) administrator searching

for group information for user 3PARuser (

cn=3PARuser).

setauthparam -f ldap-ssl-cacert ca.cer

NOTE: You must know the user’s password in order to successfully use the

checkpassword command.

% ldapsearch -LLL -x -H ldap://192.168.10.13 -D 'NTDOM1\joeadmin' -W -b

DC=3par,DC=com -s sub '(cn=3PARuser)' dn

Enter LDAP Password:

dn: CN=3PAR User,OU=Engineering,OU=Users,DC=3par,DC=com