Manualshelf

Administrator Guide

ManualsBrandsDell ManualsserversDell Brocade 300
181182183184185186187188189190
186 Fabric OS Administrator’s Guide
53-1002920-02
Remote authentication
6
dn: cn=Manager,dc=mybrocade,dc=com
objectClass: organizationalRole
cn: Manager
description: Directory Manager
2. Enter the ldapadd command to add the contents of the .ldif file to the Directory, where test.ldif
is the file you created in step 1.
> ldapadd -D cn=Manager,dc=mybrocade,dc=com -x -w secret -f test.ldif
Assigning a user to a group
Before you can assign a user to a group, the memberOf overlay must be added to the slapd.conf
file. Refer to “Enabling group membership” on page 185 for details.
1. In a .ldif file, create a “groupOfNames” objectClass entry with the name of the group, for
example, “admin,” to create a group.
2. Set a “member” attribute for the group instance to identify the member, as in this example:
“cn=Sachin,cn=Users,dc=mybrocade,dc=com”
Automatically, the “memberOf” attribute of the entry Sachin will have the value
“cn=admin,ou=groups,dc=mybrocade,dc=com”, which assigns Sachin to the admin group.
3. Enter the ldapadd command.
For example, the .ldif file might contain information similar to the following:
#Groups in organization
dn: ou=groups,dc=mybrocade,dc=com
objectclass:organizationalunit
ou: groups
description: generic groups branch
dn: cn=admin,ou=groups,dc=mybrocade,dc=com
objectclass: groupofnames
cn: admin
description: Members having admin permission
#Add members for admin group
member: cn=sachin,cn=Users,dc=mybrocade,dc=com
Assigning the LDAP role to a switch role
Use the ldapCfg -–maprole ldap_role_name switch_role command to map LDAP server
permissions to one of the default roles available on a switch.
Modifying an entry
To modify a directory entry, perform the following steps.
1. Create a .ldif file containing the information to be modified.
2. Enter the ldapmodify -f filename command, where filename is the .ldif file you created in
step 1.
Example to delete a user attribute
1. Create or edit a .ldif file with an entry similar to the following.
#########Deleting an attr
#dn: cn=Sachin,cn=Users,dc=mybrocade,dc=com