Dell IDRAC6 manual 180

8Enter the followinf information:

• Select Enable Generic LDAP.

NOTE: In this release, nested group is not supported. The firmware searches for the direct member of the group to match the user DN. Also, only single domain is supported. Cross domain is not supported.

•Select the Use Distinguished Name to Search Group Membership option to use the Distinguished Name (DN) as group members. iDRAC6 compares the User DN retrieved from the directory to compare with the members of the group. If unchecked, user name provided by the login user is used to compare with the members of the group.

•In the LDAP Server Address field, enter the fully qualified domain name (FQDN) or the IP address of the LDAP server. To specify multiple redundant LDAP servers that serve the same domain, provide the list of all servers separated by commas. iDRAC6 tries to connect to each server in turn, until it makes a successful connection.

•Enter the port used for LDAP over SSL in the LDAP Server Port field. The default is 636.

•In the Bind DN field, enter the DN of a user used to bind to the server when searching for the login user’s DN. If not specified, an anonymous bind is used.

•Enter the Bind Password to use in conjunction with the Bind DN. This is required if anonymous bind is not allowed.

•In the Base DN to Search field, enter the DN of the branch of the directory where all searches should start.

•In the Attribute of User Login field, enter the user attribute to search for. Default is UID. It is recommended that this be unique within the chosen Base DN, else a search filter must be configured to ensure the uniqueness of the login user. If the user DN cannot be uniquely identified by the search combination of attribute and search filter, the login will fail.

•In the Attribute of Group Membership field, specify which LDAP attribute should be used to check for group membership. This should be an attribute of the group class. If not specified, iDRAC6 uses the member and uniquemember attributes.