Ldapcfg – Dell POWEREDGE M1000E User Manual

500

Fabric OS Command Reference

53-1002746-01

ldapCfg

2

ldapCfg

Maps LDAP AD server roles to default switch roles.

SYNOPSIS

ldapcfg --maprole ldaprole switchrole

ldapcfg --unmaprole ldaprole

ldapcfg --show

ldapcfg --help

DESCRIPTION

Use this command to map a Lightweight Directory Access Protocol (LDAP) Active Directory (AD) server
role to one of the default roles available on a switch. This command also provides an option to remove an
existing mapping.

This command creates an alias for a customer-defined group which allows a user belonging to that group
to login to the switch with the permissions associated with the mapped switch role.

This command supports one-to-one role mapping only. For example, you might map the "SAN
administrator" role on the AD server to the "admin" role on the switch, or the "SAN maintenance" role to
the switch "operator" role. But the command fails if you attempt to map an already mapped AD server
role.

NOTES

The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.

OPERANDS

This command takes as input an action and its associated arguments. When no operand is specified, the
command prints the usage.

This command has the following operands:

--maprole

Maps an LDAP role to a specified switch role. The following operands are
required:

ldaprole

Specifies the LDAP role to be mapped to a switch role. The role must be a valid
AD server role.

switchrole

Specifies the switch role to which the LDAP role is mapped. Valid switch roles
include the following:

•

admin

•

user

•

switchadmin

•

zoneadmin

•

fabricadmin

•

basicswitchadmin

•

operator

•

securityadmin