Ldapcfg - Brocade Communications Systems 8 Command Reference Manual

Fabric os command reference manual supporting fabric

Hide thumbs Also See for 8:

Table of Contents

ldapCfg

Maps LDAP AD server roles to default switch roles.

ldapcfg --maprole ldaprole switchrole

ldapcfg --unmaprole ldaprole

ldapcfg --show

ldapcfg --help

Use this command to map a Lightweight Directory Access Protocol (LDAP) Active Directory (AD)

server role to one of the default roles available on a switch. This command also provides an option

to remove an existing mapping.

This command creates an alias for a customer-defined group which allows a user belonging to that

group to login to the switch with the permissions associated with the mapped switch role.

This command supports one-to-one role mapping only. For example, you might map the "SAN

administrator" role on the AD server to the "admin" role on the switch, or the "SAN maintenance"

role to the switch "operator" role. But the command fails if you attempt to map an already mapped

AD server role.

The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may

be in place. Refer to chapter 1, "Using Fabric OS commands" and Appendix A, "Command

Availability" for details.

This command takes as input an action and its associated arguments. When no operand is

specified, the command prints the usage.

This command has the following operands:

Maps an LDAP role to a specified switch role. The following operands are

Specifies the LDAP role to be mapped to a switch role. The role must be a

valid AD server role.

Specifies the switch role to which the LDAP role is mapped. Valid switch roles

include the following:

basicswitchadmin

securityadmin

Removes the mapping between an LDAP role and a switch role. Use the

--show option for a listing of existing mappings. The following operand is

Specifies the LDAP AD sever role to be removed from the mapping.

Fabric OS Command Reference

53-1001764-02