Unlike Active Directory, other LDAP-based directory servers do not typically ship with a GUI management interface. In this case you might use a tool like Ldap Admin to find the proper search paths on LDAP servers. The free Ldap Admin tool (a Windows LDAP manager available from ldapadmin.sourceforge.net) lets you browse, search, modify, create, and delete objects on a LDAP server. Ldap Admin’s copy-to-clipboard functionality is especially useful for easily transferring values into the Unisphere
Settings > Security (task list)
> Manage LDAP Domain fields.
Table 1. Information required to connect to a Customized Active Directory or Other Directory LDAP-based directory server
Required connection information
Your values
Fully-qualified domain name (also known as the base distinguished name)
Primary directory server IP address or hostname
Secondary directory server IP address or hostname
Distinguished name (also known as the bind distinguished name)
User search path
User name attribute
Group search path
Group name attribute
Group class
Group member
Steps
Start Ldap Admin and create a new connection. Click
Test connection to verify the connection.
Open the connection to the LDAP server, right-click the domain name, and then select
Search from the menu.
Identify an LDAP user who will be a VNX for file user. To locate the user profile, type the user’s name in the
Name field and click
Start.
Right-click the appropriate user from the results list, and then select
Go to from the menu. You will use this user to determine the user and group search paths. Close the
Search window.
On the main Ldap Admin window, notice that the status bar contains the distinguished name (DN) of the folder in which the user is located. Many LDAP servers follow the convention outlined in RFC2307 and put users in a People container.
Right-click the folder, and then select
Copy dn to clipboard from the menu.
In the unisphere
Manage LDAP Domain view, select the
Other Directory Servers option. Paste the DN value in the
User Search Path field.
Verify that all other VNX for file users use the same path by:
Repeating the Search for all VNX for file user accounts
or
Navigating to that area of the directory in Ldap Admin, and locating all VNX for file user accounts
Repeat steps 2 through 8 to search on a group name to find the path to the container in the directory structure where the groups are located. When you search by group name, you have to use an advanced search and supply a search filter in the form cn=<group name>. Once the search is complete, right-click the appropriate group from the results list, and then select
Go to from the menu.
The LDAP user and group search begins with the path specified, and searches that container and all containers below it. If VNX for file users and groups are not located within the same container or organizational unit, you must use the intersection (common parts) of their collective paths when you specify the user and group search paths. In some cases, this may need to be the root of the domain. For example, assume that VNX for file users are stored in the following two Active Directory locations:
In order for VNX for file to find all users, you need to use the intersection of the two paths as your search path, that is, the domain root DC=openldap-eng,DC=local.
Use the Search window to locate the user account you will use to connect the VNX for file Control Station to the directory. Right-click the account name, and then select
Copy dn to clipboard. Paste the DN value in the
Distinguished Name field in the Unisphere
Manage LDAP Domain view, for example uid=vnx,ou=People.
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\