CLI Guide
cfgLDAPServer (Read or Write)
Table 234. Details of cfgLDAPServer
Description
Configures the address of the LDAP Server. IPv4 and IPv6 are supported.
NOTE: You can specify multiple servers by separating each server with a comma. For example,
example.com, sub1.example.com
Legal Values
String.
Maximum length = 1024
Default
Null
cfgLDAPUserAttribute (Read or Write)
Table 235. Details of cfgLDAPUserAttribute
Description
To search for, specify the user attribute. It is recommended to be unique within the chosen baseDN,
otherwise a search filter must be configured to make sure the uniqueness of the login user. If the userDN
cannot be uniquely identified, login is unsuccessful with error.
Legal Values
String. Maximum length = 254
Default
Null
cfgLdapRoleGroup
This group allows the user to configure role groups for LDAP.
Use this object with the config or getconfig subcommands.
cfgLDAPRoleGroup is indexed, containing instances numbered from 1 to 5. Each object instance consists of a pair of
properties:
● cfgLDAPRoleGroupDN — an LDAP distinguished name (DN)
● cfgLDAPRoleGroupPrivilege — a iDRAC privilege map
Each LDAP-authenticated user assumes the total set of iDRAC privileges assigned to the matching LDAP distinguished names
that the user belongs to. That is, if the user belongs to multiple role group DNs, the user receives all associated privileges for
that DNs.
The following sections provide information about the objects in the cfgLdapRoleGroup.
cfgLdapRoleGroupDN (Read or Write)
Table 236. Details of cfgLdapRoleGroupDN
Description It is the Domain Name of the group in this index.
Legal Values
String. Maximum length = 1024
Default
None
Example
racadm getconfig -g cfgLDAPRoleGroup -o cfgLDAPRoleGroupDN
-i 1 cn=everyone,ou=groups,dc=openldap,dc=com
196
iDRAC Property Database Group and Object Descriptions