Configuring authentication from the cli, Configuring active directory, Configuring ldap – HP StoreAll Storage User Manual

You cannot change the UID or RID for a Local User account. If it is necessary to change a UID or
RID, first delete the account and then recreate it with the new UID or RID. The Local Users and
Local Groups panels allow you to delete the selected user or group.

Configuring authentication from the CLI

You can configure Active Directory, LDAP, LDAP ID mapping, or Local Users and Groups.

Configuring Active Directory

To configure Active Directory authentication, use the following command:

ibrix_auth -n DOMAIN_NAME -A AUTH_PROXY_USER_NAME@domain_name [-P AUTH_PROXY_PASSWORD]
[-S SETTINGLIST] [-h HOSTLIST]

RFC2307 defines extensions to the Active Directory schema to store UNIX Attributes for users and
groups. These are present in all versions of Windows since Windows 2003 R2. Enabling RFC2307
support enables Linux static user mapping with Active Directory. To enable RFC2307 support, use
the following command:

ibrix_cifsconfig -t [-S SETTINGLIST] [-h HOSTLIST]

Enable RFC2307 in the SETTINGLIST as follows:

rfc2307_support=rfc2307

For example:

ibrix_cifsconfig -t -S "rfc2307_support=rfc2307"

To disable RFC2307, set rfc2307_support to unprovisioned. For example:

ibrix_cifsconfig -t -S "rfc2307_support=unprovisioned"

IMPORTANT:

After making configuration changes with the ibrix_cifsconfig -t -S

command, use the following command to restart the SMB services on all nodes affected by the
change.

ibrix_server -s -t cifs -c restart [-h SERVERLIST]

Clients will experience a temporary interruption in service during the restart.

Configuring LDAP

Use the ibrix_ldapconfig command to configure LDAP as the primary authentication service
for SMB shares.

72

Configuring authentication for SMB, FTP, and HTTP