Support User Manuals

Cisco Systems OL-25712-04 Security Camera User Manual

Open as PDF

of 768

DescriptionName

The specific distinguished name in the LDAP hierarchy where the

server should begin a search when a remote user logs in and the

system attempts to get the user's DN based on their username. The

maximum supported string length is 127 characters.

This property is required. If you do not specify a base DN on this

tab then you must specify one on the General tab for every LDAP

provider defined in this Cisco UCS domain.

Base DN field

The LDAP search is restricted to those usernames that match the

defined filter.

This property is required. If you do not specify a filter on this tab

then you must specify one on the General tab for every LDAP

provider defined in this Cisco UCS domain.

Filter field

Step 4

Click Save Changes.

What to Do Next

Create an LDAP provider.

Creating an LDAP Provider

Cisco UCS Manager supports a maximum of 16 LDAP providers.

Before You Begin

If you are using Active Directory as your LDAP server, create a user account in the Active Directory server

to bind with Cisco UCS. This account should be given a non-expiring password.

• In the LDAP server, perform one of the following configurations:

◦ Configure LDAP groups. LDAP groups contain user role and locale information.

◦ Configure users with the attribute that holds the user role and locale information for Cisco UCS

Manager. You can choose whether to extend the LDAP schema for this attribute. If you do not

want to extend the schema, use an existing LDAP attribute to hold the Cisco UCS user roles and

locales. If you prefer to extend the schema, create a custom attribute, such as the CiscoAVPair

attribute.

The Cisco LDAP implementation requires a unicode type attribute.

If you choose to create the CiscoAVPair custom attribute, use the following attribute ID:

1.3.6.1.4.1.9.287247.1

◦ For a cluster configuration, add the management port IP addresses for both fabric interconnects.

This configuration ensures that remote users can continue to log in if the first fabric interconnect

fails and the system fails over to the second fabric interconnect. All login requests are sourced

from these IP addresses, not the virtual IP address used by Cisco UCS Manager.

Cisco UCS Manager GUI Configuration Guide, Release 2.0

OL-25712-04 135

Configuring LDAP Providers

previous next