Using dell association objects syntax – Dell KVM 2161DS User Manual
Page 183
LDAP Feature for the Remote Console Switch
167
Using Dell Association Objects Syntax
Using the Dell Association Objects syntax, object types default to User and
Group in the Dell LDAP Schema. In the Dell Extended Schema, Dell has
added unique Object IDs for four new object classes:
• KVM Appliance Objects
• KVM SIP Objects
• Privilege Objects
• Association Objects
Each of these new object classes is defined in terms of various combinations
(hierarchies) of default Active Directory classes, together with Dell unique
attribute types. Each of the Dell unique attribute types is defined in terms of
a default Active Directory attribute syntax.
The default Microsoft Active Directory object classes used include User and
Group. The User class generally denotes Active Directory objects that contain
information about single entities. The Group class represents containers used
for nesting and contain information about collections of objects.
Each KVM Appliance Object represents an individual Remote Console
Switch within Active Directory. Since these are single entities, in the LDAP
default language they are User objects rather than Group objects.
Each Privilege Object defines a distinct composite set of privileges. Each set
is treated as a discrete entity, therefore it is a User object rather than a Group
object.
An Association Object contains a collection of information about the
privileges granted to a specific user accounts with respect to a specific
appliance (or appliances) and/or specific SIP (or SIPs). User accounts in an
Appliance Object may be specified in terms of any combination of the
following:
• Individual account
• Active Directory security group of user accounts
• Multiple Active Directory security groups of user accounts
Similarly, for the appliances and/or SIPs in an Association Object and because
the Association Object has the ability to use security groups in the same way,
it is defined as a group object itself.