180 Using the iDRAC6 Directory Service
Enter the following information:
• Select Enable Generic LDAP.
NOTE: In this release, nested groups are not supported. The firmware searches for direct members of the group to match the user DN. Also, only a single domain is supported. Cross-domain is not supported.
• Select the Use Distinguished Name to Search Group Membership option to use the Distinguished Name (DN) as group members. iDRAC6 compares the User DN retrieved from the directory with the members of the group. If unchecked, the user name provided by the login user is compared with the members of the
• In the LDAP Server Address field, enter the fully qualified domain name (FQDN) or the IP address of the LDAP server. To specify multiple redundant LDAP servers that serve the same domain, provide the list of all servers separated by commas. iDRAC6 tries to connect to each server in turn, until it makes a successful connection.
• Enter the port used for LDAP over SSL in the LDAP Server Port field. The default is 636.
• In the Bind DN field, enter the DN of a user used to bind to the server when searching for the login user’s DN. If not specified, an anonymous bind is used.
• Enter the Bind Password to use in conjunction with the Bind DN. This is required if anonymous bind is not allowed.
• In the Base DN to Search field, enter the DN of the branch of the directory where all searches should start.
• In the Attribute of User Login field, enter the user attribute to search for. The default is UID. It is recommended that this be unique within the chosen Base DN; otherwise, a search filter must be configured to ensure the uniqueness of the login user. If the user DN cannot be uniquely identified by the search combination of attribute and search filter, the login will fail.
• In the Attribute of Group Membership field, specify which LDAP attribute should be used to check for group membership. This should be an attribute of the group class. If not specified, iDRAC6 uses the
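
The lookup and group check that the fields above configure, modeled in Python over a constructed in-memory directory so the failure cases can be tried before changing a live configuration. This is an added example, not Dell or iDRAC6 code. The example.com entries, the member and memberUid attribute choices, the simplified DN comparison and all function names are assumptions made for illustration.

```python
"""Model of the login lookup described above (added example, not iDRAC6 firmware code)."""

BASE = "dc=example,dc=com"  # constructed sample data, not from the guide
DIRECTORY = {  # DN -> attributes
    f"uid=alice,ou=ops,{BASE}": {"uid": ["alice"]},
    f"uid=bob,ou=ops,{BASE}": {"uid": ["bob"]},
    f"uid=bob,ou=lab,{BASE}": {"uid": ["bob"]},
    f"uid=carol,ou=lab,{BASE}": {"uid": ["carol"]},
    f"cn=lab-admins,ou=groups,{BASE}": {"member": [f"uid=carol,ou=lab,{BASE}"]},
    f"cn=idrac-admins,ou=groups,{BASE}": {
        "member": [f"uid=alice,ou=ops,{BASE}", f"cn=lab-admins,ou=groups,{BASE}"]},
    f"cn=legacy-admins,ou=groups,{BASE}": {"memberUid": ["alice"]},
}


def norm(dn):
    """Simplified DN comparison form: lower-case, no spaces around commas."""
    return ",".join(part.strip() for part in dn.lower().split(","))


def find_user_dn(login, base_dn, attr="uid"):
    """Return the single DN under base_dn whose attr equals login, else None."""
    suffix = "," + norm(base_dn)
    hits = [dn for dn, attrs in DIRECTORY.items()
            if norm(dn).endswith(suffix) and login in attrs.get(attr, [])]
    return hits[0] if len(hits) == 1 else None  # zero or ambiguous: login fails


def is_direct_member(group_dn, user_dn, login, member_attr, use_dn):
    """Compare the user DN (or the typed login name) with direct members only."""
    members = DIRECTORY[group_dn].get(member_attr, [])
    if use_dn:
        return norm(user_dn) in {norm(m) for m in members}
    return login in members  # nested groups are never expanded


def login_allowed(login, base_dn, group_dn, member_attr="member", use_dn=True):
    """Resolve the login to one DN, then check direct group membership."""
    user_dn = find_user_dn(login, base_dn)
    if user_dn is None:
        return False
    return is_direct_member(group_dn, user_dn, login, member_attr, use_dn)
```

In this model, carol is refused because she is only a member of a group nested inside idrac-admins, and bob is refused until the Base DN is narrowed to a branch where his login attribute is unique.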