Managing User Accounts

Configuring Active Directory Groups in CIMC

 

Command or Action

Purpose

Step 9

Server /ldap # commit

Commits the transaction to the system configuration.

Step 10

Server /ldap # show [detail]

(Optional) Displays the AD configuration.

This example configures AD using the CiscoAVPair attribute:

Server# scope ldap

Server /ldap # set enabled yes

Server /ldap *# set dc1 192.0.20.123

Server /ldap *# set gc1 192.0.20.11

Server /ldap *# set timeout 60

Server /ldap *# set encrypted yes

Server /ldap *# set base-dn example.com

Server /ldap *# set attribute CiscoAVPair

Server /ldap *# commit

Server /ldap # show detail

LDAP Settings:

Domain Controller 1: 192.0.20.123

Domain Controller 2: 0.0.0.0

Domain Controller 3: 0.0.0.0

BaseDN: example.com

Encrypted: yes

Timeout: 60

Enabled: yes

Attribute: CiscoAvPair

Group Authorization: no

Global Catalog 1: 192.0.20.11

Global Catalog 2: 0.0.0.0

Global Catalog 3: 0.0.0.0

Server /ldap #

What to Do Next

If you want to use Active Directory groups for group authorization, see Configuring Active Directory Groups in CIMC.

Configuring Active Directory Groups in CIMC

Note When Active Directory (AD) group authorization is enabled and configured, user authentication is also done on the group level for users that are not found in the local user database or who are not individually authorized to use CIMC in the Active Directory.

Before You Begin

You must log in as a user with admin privileges to perform this task.

Active Directory (or LDAP) must be enabled and configured.

Cisco UCS C-Series Servers Integrated Management Controller CLI Configuration Guide, Release 1.5

OL-28893-01

69

Page 85
Image 85
Cisco Systems 57712, UCSCPCIEBTG manual Configuring Active Directory Groups in Cimc, Server# scope ldap