Determining the parameters for LDAP server registration

Ops Center Installation and Configuration Guide

Version
11.0.x
Audience
anonymous
Part Number
MK-99OPS001-23
If you want to link with an LDAP server, when you register the link with the LDAP server in Common Services, you must set parameters to import users.

Run the ldapsearch command, and then determine the parameters based on the information returned by the search.

  1. From the management server, run the ldapsearch command.
    Example of the command syntax:
    ldapsearch -h host-name-or-IP-address-of-the-LDAP-server -b base-DN-to-be-found -D bind-dn -w password-of-the-bind-DN -L -s scope-of-the-search ["ldap-filter"]

    For details, see the LDAP server documentation.

    Example of running command:
    ldapsearch -h example.com -b "CN=Users,DC=example,DC=com" -D "CN=admin,CN=Users,DC=example,DC=com" -w sysadmin -L -s sub "(objectclass=*)"
    Example of LDIF data:
    dn: CN=John Smith,CN=Users,DC=example,DC=com
    objectClass: person
    objectClass: organizationalPerson
    uid: j_smith
    cn: John Smith
    sn: Smith
    givenName: John
    distinguishedName: CN=John Smith,CN=Users,DC=example,DC=com
    whenCreated: 20200710022002.0Z
    whenChanged: 20210603075422.0Z
    memberOf: CN=opscenter_users,CN=Users,DC=example,DC=com
    mail: j_smith@example.com
    objectGUID:: hMekv/PMMkyVnykQ5AeMyQ==
    description: type1
    
    dn: CN=Tom Brady,CN=Users,DC=example,DC=com
    objectClass: person
    objectClass: organizationalPerson
    uid: t_brady
    cn: Tom Brady
    sn: Brady
    givenName: Tom
    distinguishedName: CN=Tom Brady,CN=Users,DC=example,DC=com
    whenCreated: 20200710022057.0Z
    whenChanged: 20210601074245.0Z
    memberOf: CN=hcs_users,CN=Users,DC=example,DC=com
    mail: t_brady@example.com
    objectGUID:: pZtOMo29j0CSoFnJrkL3EQ==
    description: type2
  2. Based on the displayed LDIF data, determine the parameter information to set in Common Services.

    The following table shows an example of the correspondence between the settings in Common Services and the LDAP attributes.

    Setting in Common Services LDAP user attribute
    LDAP attribute for username uid
    LDAP attribute for email mail
    LDAP attribute for last name sn
    Full name* cn
    First name* givenName
    LDAP attribute for RDN cn
    LDAP attribute for UUID objectGUID
    User object classes organizationalPerson
    Custom user LDAP filter (description=type1)
    *: Set one of these settings.

    You can specify a search filter in Custom User LDAP Filter to narrow down the users to be imported. (The syntax must conform to RFC 2254.)