Creating The Ldap Structure (Based On Openldap); Assigning Domain Users To The Mmb - Fujitsu PRIMERGY BX900 User Manual
Blade server systems, serverview management blade s1, user interface description
Hide thumbs
Also See for PRIMERGY BX900:
- User manual (811 pages) ,
- System message manual (430 pages) ,
- Hardware reference manual (69 pages)
Table of Contents
Advertisement
Global User Management
Configuring an openLDAP Server
# ldapadd -x -D "cn=<ACCOUNTNAME>,dc=<MY-DOMAIN>,dc=<COM>" -W -f example.ldif
Or as in the example:
# ldapadd -x -D "cn=Manager,dc=testdomain2,dc=local" -W -f testdomain2.ldif
After the base structure is created various LDAP browsers can be used to view and manage the domain (e.g.
phpLDAPadmin).
6.2.2 Creating the LDAP Structure (Based on openLDAP)
To permit the management blade to be accessed by means of an LDAP user, a particular structure consisting of
Organizational Units (OUs) and Groups must be set up. A sample configuration is described here.
The tool SVS_LDAPDeployer (v. 1.00.09209) can be used to create the structure. The tool can be used from any
system with network access to the openLDAP Server which has at least Java v1.5 installed.
The configuration file Generic_InitialDeploy.xml is included in the SVS_LDAPDeployer software package and
should be edited according to your specific needs before deploying the structure into the openLDAP directory.
The following sections should be edited:
– <DirectoryService> : Contains the IP and Port of the openLDAP Server.
– <DirectoryType> : Sets the type of LDAP directory, in this example Open LDAP.
– <root> : Contains the root level of your domain, e.g. for testdomain2.local "dc=testdomain2,dc=local".
– <username>: Contains the manager's user name in the notation "cn=Manager,dc=testdomain2,dc=local".
– <Department name> : The name of the department where the structure will be created, e.g. TestDepartment.
– If the password section is left blank, SVS_LDAPDeployer will ask for the administrator's password during
execution.
When the configuration is finished you can execute the SVS_LDAPDeployer by opening a CMD window, navigating
to the SVS_LDAPDeployer folder and using the following command:
# java -jar SVS_LdapDeployer.jar -deploy Configuration_InitialDeploy_Generic.xml
The SVS_LDAPDeployer starts, asks for the manager's password and creates the structure in the Open LDAP
directory which is needed to authenticate users of the MMB.
6.2.3 Assigning Domain Users to the MMB
To enable a user to log in on the management blade as a domain user, AuthorizationRoles must be set for this user:
1. Create a new user if none exists.
2. Navigate to SVS ® Departments ® [YourDepartment] ® AuthorizationRoles.
3. Add the user to the desired role as a member and make sure you set the UID to match the login name.
ServerView BX900 S1 Management Blade
75
Hide quick links:
Advertisement
Table of Contents
