Configuring LDAP servers
Before using LDAP, it is necessary to enable LDAP for the server.
To use LDAP, navigate to Network Configuration > NIS/LDAP Configuration and click Enable LDAP.
The current LDAP configuration settings appear as shown in the following example:
This page contains the following options:
- Modify - this option enables the Administrator to change the LDAP configuration settings
- Add - this option enables the Administrator to add a new LDAP server
- Delete - this option enables the Administrator to remove an existing LDAP server
- Switch to using NIS - this option enables NIS only mode and displays the NIS configuration settings
- Disable NIS and LDAP - this option disables NIS and LDAP
CLI commands
The following commands are available:
- nis-ldap-mode - this command selects whether the server uses NIS servers only or LDAP in order to satisfy NIS queries
- nis-state - this command enables and disables the NIS client (the NIS client also must be enabled in order to use LDAP)
- ldap-server - this command displays and configures the servers which are available for the LDAP client to contact
- ldap-stats - this command displays statistics describing the response latency of LDAP servers for different NIS (RFC 2307) request types
- ldap-security - this command displays and sets the LDAP parameters
- ldap-schema - this command displays and sets the LDAP client settings for schema selection
Modifying LDAP configuration
Navigate to Network Configuration > NIS/LDAP Configuration.
Click modify.
Modify the settings as described in the table below:
Field / Item - Description
- Domain - Enter the name of the LDAP domain for which the system is a client.
- Username - This field contains the username of the Administrator for the LDAP servers. The name can be up to 256 characters in length. However, if it includes spaces, the name must be enclosed in double quotes. For example: cn="Directory Manager",dc=example,dc=com
- Password - This field contains the password that corresponds to the username.
- TLS Enabled - Select this option to enable Transport Layer Security which provides secure communication with the LDAP server.
- Schema - This field contains the name of the schema to use. The options are:
  - RFC-2307
  - MS Services for Unix
  - MS Identity Management for Unix
  - MS Active Directory
Click apply.
Note: This option supports both registered and anonymous user logins.
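The following Python check is an added example, not part of the product or its documentation. It reviews a set of intended LDAP settings against the rules in the table above (the 256-character limit, double quotes around names with spaces, the four schema options) before they are applied. The dictionary keys are hypothetical names for the form fields, and the TLS finding assumes the client authenticates with a simple bind.

```python
# Added example: pre-change review of LDAP client settings (not vendor code).
# The dict keys are hypothetical names for the fields in the table above.
SCHEMAS = {"RFC-2307", "MS Services for Unix",
           "MS Identity Management for Unix", "MS Active Directory"}

def split_dn(dn):
    """Split a DN on commas outside double quotes; also report unbalanced quotes."""
    parts, buf, in_quotes = [], [], False
    for ch in dn:
        if ch == '"':
            in_quotes = not in_quotes
        if ch == "," and not in_quotes:
            parts.append("".join(buf))
            buf = []
        else:
            buf.append(ch)
    parts.append("".join(buf))
    return parts, in_quotes

def review_ldap_settings(cfg):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    user = cfg.get("username", "")
    if len(user) > 256:
        findings.append("username exceeds 256 characters")
    if "\u201c" in user or "\u201d" in user:
        findings.append("username contains typographic quotes, use plain double quotes")
    rdns, unbalanced = split_dn(user)
    if unbalanced:
        findings.append("username has an unbalanced double quote")
    for rdn in rdns:
        attr, _, value = rdn.partition("=")
        value = value.strip()
        if " " in value and not (len(value) > 1 and value[0] == value[-1] == '"'):
            findings.append(f"value of '{attr.strip()}' has spaces but no double quotes")
    if cfg.get("schema") not in SCHEMAS:
        findings.append("schema is not one of the four listed options")
    # Assumption: the client authenticates with a simple bind, so without TLS
    # the password is sent to the server unprotected.
    if cfg.get("password") and not cfg.get("tls_enabled"):
        findings.append("password configured but TLS is not enabled")
    return findings

if __name__ == "__main__":
    # Constructed sample settings.
    sample = {"username": 'cn="Directory Manager",dc=example,dc=com',
              "password": "placeholder", "tls_enabled": False, "schema": "RFC-2307"}
    for finding in review_ldap_settings(sample):
        print("FINDING:", finding)
```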
Adding LDAP servers
Navigate to Network Configuration > NIS/LDAP Configuration.
Click add.
Modify the settings as described in the table below.
Field / Item - Description
- Server IP address or Host name - Enter the IP address or Host name of the new LDAP server.
- Port - This field specifies the standard port number to use for communication with the LDAP server. The default value is 389.
- TLS Port - This field specifies the secure port to use for communication with the LDAP server. The default value is 636.
Click OK.
Note: An Administrator can query the LDAP server for information about hosts configured into netgroups using the nis-is-host-in-netgroup and nisnetgroups-for-host commands.
Deleting LDAP servers
Navigate to Network Configuration > NIS/LDAP Configuration.
Select a server to delete.
Click delete.