Dell PowerFlex v3.6.x User Roles and LDAP Usage Technical Notes

assign_ldap_groups_to_roles

Map LDAP groups to PowerFlex system roles.

The LDAP service must be configured before using this command. Once you have mapped the roles, you can assign users in the Active Directory to the relevant LDAP groups.

NOTE:To enable LDAP users to use the PowerFlex GUI or vSphere Plug-in, you must assign all LDAP groups the Monitor role.

Syntax

scli --assign_ldap_groups_to_roles (--ldap_service_id <LDAP_SERVICE_ID> | --ldap_service_name <LDAP_SERVICE_NAME>) 
  [--administrator_role_dn <LDAP_GROUP_DN>] 
  [--security_role_dn <LDAP_GROUP_DN>] 
  [--backend_config_role_dn <LDAP_GROUP_DN>] 
  [--frontend_config_role_dn <LDAP_GROUP_DN>] 
  [--monitor_role_dn <LDAP_GROUP_DN>] 
  [--allow_overwrite ]

Parameters

--ldap_service_id <LDAP_SERVICE_ID>: ID of the LDAP service
--ldap_service_name <LDAP_SERVICE_NAME>: Name of the LDAP service
--administrator_role_dn <LDAP_GROUP_DN>: LDAP group that has users with administration privileges
--security_role_dn <LDAP_GROUP_DN>: LDAP group that has users with security privileges
--backend_config_role_dn <LDAP_GROUP_DN>: LDAP group that has users with backend configuration privileges
--frontend_config_role_dn <LDAP_GROUP_DN>: LDAP group that has users with frontend configuration privileges
--monitor_role_dn <LDAP_GROUP_DN>: LDAP group that has users with monitoring privileges
--allow_overwrite: Overwrites the role's LDAP group

Example

scli --assign_ldap_groups_to_roles --ldap_service_id 0xAABBCCDDEEFF0011 --administrator_role_dn "CN=SIO_GRP_1,OU=SIO_OU_1,DC=ldaps,DC=ecme,DC=com" --monitor_role_dn "CN=SIO_GRP_2,OU=SIO_OU_1,DC=ldaps,DC=ecme,DC=com"

Welcome

Welcome to Dell

Dell PowerFlex v3.6.x User Roles and LDAP Usage Technical Notes

assign_ldap_groups_to_roles

Syntax

Parameters

Example

Rate this content