Dell PowerFlex v3.6.x User Roles and LDAP Usage Technical Notes

Red Hat Enterprise Linux, CentOS, and SLES systems

Perform the following tasks in the order they are presented to set up a RHEL-, CentOS-, or SLES-based server for use with LDAP.

Prerequisites

Ensure the following:

  • The OpenLDAP package is installed. (See the following instructions.)
  • Each LDAP server has a separate base DN.

Steps

  1. Run the following command to verify that the OpenLDAP package is installed.
    NOTE: OpenLDAP is a requirement for using LDAP on all Linux-based PowerFlex MDM nodes or for LIA, as stated in the Getting to Know Dell PowerFlex Guide.
    rpm -qa | grep openldap

    Output similar to the following should appear, with the relevant package number:

    openldap-2.4.23-32.el6_4.1.x86_64
  2. When secure LDAP is used, retrieve the configured CA certificate location from the OpenLDAP client configuration and make note of the location. For non-secure LDAP, skip to step 5.

    For example:

    grep TLS_CACERTDIR /etc/openldap/ldap.conf

    Output similar to the following should appear:

    TLS_CACERTDIR /etc/openldap/ldap.conf
    NOTE: The location of the CA certificates may differ depending on the Linux distribution and release.
  3. If the certificate location does not exist, create the directory at the configured location as the root user:
    mkdir -p <TLS_CACERTDIR>

    For example:

    mkdir -p /etc/openldap/cacerts
  4. Verify that the following entry is displayed in /etc/openldap/ldap.conf:
    • RHEL/CentOS:
      TLS_CACERTDIR /etc/openldap/cacerts/
    • SLES:
      TLS_CACERTDIR
  5. On the PowerFlex component host, ensure that it is possible to establish a TCP connection to the LDAP server's address.
  6. Import the certificate files from the LDAP server to the OpenLDAP client CA certificate location <TLS_CACERTDIR> determined in steps 2-4, and run openssl rehash. For non-secure LDAP, skip this task.

    openssl rehash <TLS_CACERTDIR>

    For example:

    openssl rehash /etc/openldap/certs
    NOTE: The method of CA certificate import for the OpenLDAP client may differ based on your organization's security guidelines. Consult your security administrator for steps to import the CA certificates for use with the LDAP client.
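
The following script is an added example, not part of the Dell documentation: it checks the outcome of steps 2 through 6 by reading TLS_CACERTDIR from a client configuration file and confirming that the directory exists, is not group- or world-writable, and contains the hash links that openssl rehash creates. The function names, return codes, and temporary sample files are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not Dell's code): audit the OpenLDAP client CA directory
# after steps 2-6. Function names and return codes are hypothetical.

# Print the directory from the first uncommented TLS_CACERTDIR line of an
# ldap.conf file; fail if the directive is absent or has no value.
# Simplification: if the directive appears more than once, only the first
# occurrence is checked.
get_cacertdir() {
    awk 'toupper($1) == "TLS_CACERTDIR" && NF >= 2 { print $2; ok = 1; exit }
         END { exit !ok }' "$1"
}

# Return 0 if the directory is usable, 2 if it is missing, 3 if the directory
# or a file in it is group- or world-writable, 4 if no hash links exist.
audit_cacertdir() {
    dir=$1
    [ -d "$dir" ] || { echo "missing: $dir (see step 3)"; return 2; }
    # Anyone who can write here can add a CA that the LDAP client will trust.
    loose=$(find "$dir" ! -type l \( -perm -020 -o -perm -002 \) -print)
    [ -z "$loose" ] || { echo "group/world-writable: $loose"; return 3; }
    # openssl rehash creates links named <8 hex digits>.<n>; none present
    # suggests step 6 is incomplete.
    set -- "$dir"/[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f].[0-9]*
    [ -e "$1" ] || { echo "no hash links: run openssl rehash $dir"; return 4; }
    echo "ok: $dir"
}

# Constructed sample: a temporary ldap.conf pointing at a temporary CA
# directory, so the demo runs offline and never touches /etc/openldap.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '#TLS_CACERTDIR /ignored\nTLS_CACERTDIR %s/cacerts\n' "$tmp" > "$tmp/ldap.conf"
    d=$(get_cacertdir "$tmp/ldap.conf")
    audit_cacertdir "$d" || echo "  state before step 3: rc=$?"
    mkdir -p "$d" && chmod 755 "$d"
    audit_cacertdir "$d" || echo "  state before step 6: rc=$?"
    rm -rf "$tmp"
}
demo
```

On a real host, call get_cacertdir with /etc/openldap/ldap.conf and pass the result to audit_cacertdir.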
