Skip to main content
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products

IDPA: LDAP Integration with Integrated Data Protection Appliance.

Summary: This KB walks you through steps on how to configure LDAP on IDPA Components: Data Protection Search and Data Protection Central. IDPA Backup Server, Protection Storage and Data Protection Advisor need to be separately integrated with the LDAP using the appropriate procedures. ACM does not support LDAP log in. ...

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.

Instructions

This KB walks you through how to integrate the Integrated Data Protection Appliance with LDAP. 
 
LDAP Compatibility Table
IDPA Component LDAP Compatible

Appliance Configuration Manager (ACM)

No

Search (Data Protection Search)

Yes

System Manager (Data Protection Central)

Yes

Protection Storage (Data Domain)

Yes

Backup Server (Avamar)

Yes

Reporting and Analytics (Data Protection Advisor)

Yes

Note: IDPA Appliance configuration Manager does not support LDAP mode of authentication at this time. The only user account for Appliance configuration Manager login is 'root'.


Procedure to Configure LDAP on Search and System Manager:   
  1. Access the IDPA ACM GUI
Enter the ACM IP Address into a web browser.
Example:
https://<ACM_IP_ADDRESS_OR_FQDN>:8543

ACM Login
  1. On  the Appliance Configuration Manager Home page, scroll down to section: 'General Settings'. Click on the settings icon:
ACM Dashboard
 
  1. click on the menu-item 'Configure external LDAP':
 
Ldap Config
 

Note:   

  • Before entering this information, check your admin group is under the Users OU of your active directory.
  • Ensure the "Domain User" is the Primary group for your query user account. (This is found in the Member tab of the Query user's properties under the Active Directory)
  • Ensure your query user account is also a member of your admin group that resides under the Users OU. (This may be found in the member tab in the properties of the query user in the Active Directory)
  • Default IDPA admin group is named dp_admin (you may use something different if needed)

LDAP password requirements:    
Use only the following characters:

  • Letters (A Z, a z)
  • Numbers (0 9)
  • Period (.)
  • Hyphen (-)
  • Underscore (_) 
  • Contain at least one supported special character
  • Be no longer than 20 characters
  1. Enter the information as prompted on the IDPA LDAP settings page. 
LDAP settings

For more details, Refer the Integrated Data Protection Appliance Product Guide


Procedure to Configure LDAP Settings on Avamar, Data Domain and DPA for Authentication:    
  • IDPA Backup Server:    
Check the latest Avamar Administration Guide, Section: Directory Service Authentication
  • IDPA Protection Storage:    
Check the latest Data Domain Operating System Administration Guide, Section: Directory User and Group Management
  • IDPA Reporting and Analytics:    
Check the latest Data Protection Advisor Security Configuration Guide, Section: External authentication, LDAP integration, and binding.
 
 

Additional Information

IDPA ACM does not support LDAP Authentication for log in due to product limitation at the moment on any IDPA version. RFE has been filed with Product Engineering to get this feature incorporated in future releases. 

Refer this video:         

Affected Products

Integrated Data Protection Appliance Family

Products

PowerProtect DP4400, PowerProtect DP5300, PowerProtect DP5800, PowerProtect DP8300, PowerProtect DP8800, PowerProtect Data Protection Software, Integrated Data Protection Appliance Family, PowerProtect Data Protection Hardware , Integrated Data Protection Appliance Software ...
Article Properties
Article Number: 000158042
Article Type: How To
Last Modified: 15 Nov 2021
Version:  6
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.