Step 6 ClickSave Changes.
Deleting an LDAP Provider
Procedure
Step 1 Inthe Navigation pane, clickthe Admin tab.
Step 2 Onthe Admin tab, expand All >User Management>LDAP.
Step 3 ExpandLDAP Providers.
Step 4 Right-clickthe LDAP provideryou wantto deleteand choose Delete.
Step 5 Ifthe CiscoUCS Manager GUI displaysa confirmation dialog box, clickYes.
LDAP Group Mapping
Fororganizations that already use LDAP groups to restrict access to LDAP databases, group membership
informationcan be used by UCSM to assign a role or locale to an LDAP user during login. This eliminates
theneed to define role or locale information in the LDAP user object when Cisco UCS Manager is deployed.
Whena user logs into CiscoUCS Manager, information about the user's role and locale are pulled from the
LDAPgroup map.If therole and locale criteria match the information in the policy, access is granted.
Roleand locale definitions are configured locally in Cisco UCS Manager and do not update automatically
basedon changes to an LDAP directory. When deleting or renaming LDAP groups in an LDAP directory, it
isimportant that youupdate Cisco UCSManager with thechange.
AnLDAP group mapcan be configured to include any of the following combinations of roles and locales:
• Roles only
• Locales only
• Both roles and locales
Forexample, consider an LDAP group representing a group of server administrators at a specific location.
TheLDAP group map might be configured to include user roles like server-profile and server-equipment. To
restrictaccess to server administrators at a specific location, the locale could be set to a particular site name.
CiscoUCS Manager includes many out-of-the-box user roles but does not include any locales. Mapping
anLDAP provider group to a locale requires that you create a custom locale.
Note
Cisco UCS Manager GUI Configuration Guide, Release 2.0
140 OL-25712-04
Configuring LDAP Providers