Configuring LDAP Security Settings (CLI)
7.
Refer to the following table for valid security property setting combinations.
cred_level
anonymous
self
proxy
Related Topics
"LDAP Properties" on page 290
■
LDAP Properties
For the appropriate settings for your environment, consult your LDAP server administrator.
Schema
Base search DN - Supplies the distinguished name of the base object which is the starting
■
point for directory searches.
Search scope - Defines which objects in the LDAP directory are searched, relative to the
■
base object. Search results can be limited only to objects directly beneath the base search
object (one-level) or they can include any object beneath the base search object (subtree).
The default is one-level.
Schema definition - Schema used by the appliance. This property lets administrators
■
override the default search descriptor, attribute mappings, and object class mappings
for users, groups, and netgroups. For more information, see
Mappings" on page
Security Settings
Authenticate As - Credentials used to authenticate the appliance to the LDAP server.
■
Enable SSL/TLS - Toggles TLS (Transport Layer Security, the descendant of SSL) to
■
establish secure connections to the LDAP server. If authenticating as Self, this option is
unavailable because Self uses Kerberos encryption.
290
Oracle ZFS Storage Appliance Administration Guide, Release OS8.6.x • September 2016
auth_method
none
none
sasl/GSSAPI
simple
simple
sasl/DIGEST-MD5
sasl/DIGEST-MD5
291.
use_tls
true
false
false
true
false
Permitted, but not recommended because
the user's distinguished name (DN) and
password will be sent in plain text.
true
false
"LDAP Custom