Displaying the LDAP access privilege levels

The List LDAPGroups command displays all defined LDAP group with their access privilege level.

To display LDAP group access privilege levels:

At the Sentry: prompt, type list ldapgroups and press Enter.

Example

The following command displays all LDAP groups with their access privilege level:

Sentry: list ldapgroups<Enter>

 

LDAP

Access

Environmental

Group Name

Level

Monitoring

LDAPAdmin

Admin

Allowed

PowerUser

User

Allowed

User

On-Only

Not Allowed

Guest

View-Only

Not Allowed

Adding outlet access to an LDAP group

The Add OutletToLDAP command grants an LDAP group access to one or all outlets. To grant access for more than one outlet, but not all outlets, you must use multiple Add OutletToLDAP commands.

To grant outlet access to an LDAP group:

At the Sentry: prompt, type add outlettoldap, optionally followed by an outlet name and a group name. Press Enter, or

Type add outlettoldap all, followed by a group name and press Enter.

Examples

The following commands grant the LDAP group PowerUser access to outlets A1 and Webserver_1:

Sentry:add outlettoldap .a1 poweruser<Enter>

Sentry:add outlettoldap WebServer_1 poweruser<Enter>

Deleting outlet access for an LDAP group

The Delete OutletFromLDAP command removes an LDAP group’s access to one or all outlets. You cannot remove access to any outlet for an administrative level group.

To delete outlet access for an LDAP group:

At the Sentry: prompt, type delete outletfromldap, optionally followed by an outlet name and a group name. Press Enter, or

Type delete outletfromldap all, followed by a group name and press Enter.

Adding outlet group access to an LDAP group

The Add GroupToLDAP command grants an LDAP group access to a outlet group. To grant access for more than one outlet group, you must use multiple Add GroupToLDAP commands.

To gran toutlet group access to an LDAP Group:

At the Sentry: prompt, type add grouptoldap, optionally followed by an outlet group name and an LDAP group name. Press Enter.

Examples

The following commands grants to LDAP group PowerUser access to the outlet groups ServerGroup_1 and ServerGroup_2:

Sentry:add grouptoldap servergroup_1 poweruser<Enter>

Sentry:add grouptoldap servergroup_2 poweruser<Enter>

Deleting outlet group access for an LDAP group

The Delete GroupFromLDAP command removes an LDAP group’s access to a outlet group. You cannot remove access to any group for an administrative level group.

To delete outlet group access for an LDAP group:

At the Sentry: prompt, type delete groupfromldap, optionally followed by a outlet group name and an LDAP group name. Press Enter.

60 • Advanced Operations

Sentry PT22

 

Installation and Operations Manual