CLI Guide
NOTE: You can specify multiple servers by separating each server with a comma. For example,
example.com, sub1.example.com
Legal Values
String.
Maximum length = 1024
Default
Null
cfgLDAPUserAttribute (Read or Write)
Table 233. Details of cfgLDAPUserAttribute
Description
To search for, specify the user attribute. It is recommended to be unique within the chosen baseDN, otherwise a
search filter must be configured to make sure the uniqueness of the login user. If the userDN cannot be uniquely
identified, login is unsuccessful with error.
Legal Values
String. Maximum length = 254
Default
Null
cfgLdapRoleGroup
This group allows the user to configure role groups for LDAP.
Use this object with the config or getconfig subcommands.
cfgLDAPRoleGroup is indexed, containing instances numbered from 1 to 5. Each object instance consists of a pair of properties:
• cfgLDAPRoleGroupDN — an LDAP distinguished name (DN)
• cfgLDAPRoleGroupPrivilege — a iDRAC privilege map
Each LDAP-authenticated user assumes the total set of iDRAC privileges assigned to the matching LDAP distinguished names that the
user belongs to. That is, if the user belongs to multiple role group DNs, the user receives all associated privileges for that DNs.
The following sections provide information about the objects in the cfgLdapRoleGroup.
cfgLdapRoleGroupDN (Read or Write)
Table 234. Details of cfgLdapRoleGroupDN
Description It is the Domain Name of the group in this index.
Legal Values
String. Maximum length = 1024
Default
None
Example
racadm getconfig -g cfgLDAPRoleGroup -o cfgLDAPRoleGroupDN
-i 1 cn=everyone,ou=groups,dc=openldap,dc=com
cfgLdapRoleGroupPrivilege (Read or Write)
Table 235. Details of cfgLdapRoleGroupPrivilege
Description
A bit–mask defining the privileges associated with this particular group.
Legal Values
0x00000000 to 0x000001ff
iDRAC Property Database Group and Object Descriptions 189