Manualshelf

6.3 HP StoreAll Storage File System User Guide (TA768-96093, June 2013)

ManualsBrandsHP ManualsStorageHP X9320 IB 21.6TB Network Storage System
61626364656667686970
Using LDAP as the primary authentication method
Requirements for LDAP users and groups
StoreAll supports only OpenLDAP.
Configuring LDAP for StoreAll software
To configure LDAP, complete the following steps:
1. Update a configuration file template that ships as part of the StoreAll LDAP software.
This updated configuration file is then passed to a configuration utility, which uses LDAP
commands to modify the remote enterprise's OpenLDAP server.
2. Configure LDAP authentication on all the cluster nodes by using Fusion Manager.
3. Update the appropriate configuration template with information specific to the OpenLDAP
server being configured.
Update the template on the remote LDAP server
The StoreAll LDAP client ships with three configuration templates, each corresponding to a supported
OpenLDAP server schema:
customized-schema-template.conf
samba-schema-template.conf
posix-schema-template.conf
Pick the schema your server supports. If your server supports both Posix and Samba schemas, pick
the schema most appropriate for your environment. Choose any one of the three supported schema
templates to proceed.
Make a copy of the template corresponding to the schema your LDAP server supports, and update
the copy with your configuration information.
Customized template. If the OpenLDAP server has a customized or a special schema, you must
provide information to help map between the standard schema attribute and class names to the
new names that are extant on the OpenLDAP server. This situation is not a common one. Use this
template only if your OpenLDAP server has overridden the standardized Posix or Samba schema
with customized extensions. Provide values (equivalent names) for all virtual attributes in the
configuration. For example:
mandatory; virtual; uid; your-schema-equivalent-of-uid
optional; virtual; homeDirectory; your-schema-equivalent-of-homeDirectory
Samba template. Enter the required attributes for Samba/POSIX templates. You can use the default
values specified in the “Map (mandatory) variables” and “Map (Optional) variables” sections of
the template.
POSIX template. Enter the required attributes for Samba/POSIX templates. Also remove or comment
out the following virtual attributes:
# mandatory; virtual; SID;sambaSID
# mandatory; virtual; PrimaryGroupSID;sambaPrimaryGroupSID
# mandatory; virtual; sambaGroupMapping;sambaGroupMapping
62 Configuring authentication for SMB, FTP, and HTTP