Reference Guide
Default
(objectless=*)
Searches for all objects in tree.
cfgLDAPServer (Read or Write)
Description
Configures the address of the LDAP Server. IPv4 and IPv6 are supported.
NOTE: You can specify multiple servers by separating each server with a comma. For example,
example.com, sub1.example.com
Legal Values
String.
Maximum length = 1024
Default
Null
cfgLDAPUserAttribute (Read or Write)
Description
To search for, specify the user attribute. It is recommended to be unique within the chosen baseDN, otherwise a
search filter must be configured to make sure the uniqueness of the login user. If the userDN cannot be uniquely
identified, login is unsuccessful with error.
Legal Values
String. Maximum length = 254
Default
Null
cfgLdapRoleGroup
This group allows the user to configure role groups for LDAP.
Use this object with the config or getconfig subcommands.
cfgLDAPRoleGroup is indexed, containing instances numbered from 1 to 5. Each object instance consists of a pair of properties:
• cfgLDAPRoleGroupDN — an LDAP distinguished name (DN)
• cfgLDAPRoleGroupPrivilege — a iDRAC privilege map
Each LDAP-authenticated user assumes the total set of iDRAC privileges assigned to the matching LDAP distinguished names that the
user belongs to. That is, if the user belongs to multiple role group DNs, the user receives all associated privileges for that DNs.
The following sections provide information about the objects in the cfgLdapRoleGroup.
cfgLdapRoleGroupDN (Read or Write)
Description
It is the Domain Name of the group in this index.
Legal Values
String. Maximum length = 1024
Default
None
Example
racadm getconfig -g cfgLDAPRoleGroup -o cfgLDAPRoleGroupDN
-i 1 cn=everyone,ou=groups,dc=openldap,dc=com
iDRAC Property Database Group and Object Descriptions
181