Name: Base DN field
Description: The specific distinguished name in the LDAP hierarchy where the
server should begin a search when a remote user logs in and the
system attempts to get the user's DN based on their username. The
maximum supported string length is 127 characters.
This property is required. If you do not specify a base DN on this
tab then you must specify one on the General tab for every LDAP
provider defined in this Cisco UCS domain.

Name: Filter field
Description: The LDAP search is restricted to those usernames that match the
defined filter.
This property is required. If you do not specify a filter on this tab
then you must specify one on the General tab for every LDAP
provider defined in this Cisco UCS domain.
Step 4
Click Save Changes.
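The lookup that the Base DN and Filter fields control, modelled as an added example (not Cisco code and not part of the original guide): it checks a Base DN value against the 127-character limit and shows how the search scope and the filter together decide which user DN a login resolves to. The directory entries, the example.com suffix, the sAMAccountName attribute, and the treatment of an ambiguous match as a failed lookup are assumptions.

```python
MAX_BASE_DN_LEN = 127  # maximum Base DN length stated in this guide

# Constructed sample directory (DN, attributes); example.com is a placeholder.
DIRECTORY = [
    ("CN=Ann Lee,OU=Admins,DC=example,DC=com", {"sAMAccountName": "alee"}),
    ("CN=Bo Chen,OU=Staff,DC=example,DC=com", {"sAMAccountName": "bchen"}),
    ("CN=Lee\\, Ann,OU=Staff,DC=example,DC=com", {"sAMAccountName": "alee"}),
]

def split_dn(dn):
    """Split a DN into lower-cased RDNs, keeping backslash-escaped commas."""
    rdns, cur, escaped = [], "", False
    for ch in dn:
        if ch == "," and not escaped:
            rdns.append(cur.strip().lower())
            cur = ""
        else:
            cur += ch
        escaped = (ch == "\\") and not escaped
    rdns.append(cur.strip().lower())
    return rdns

def validate_base_dn(base_dn):
    """Return the problems that would make a Base DN value unusable."""
    if not base_dn.strip():
        return ["Base DN is required"]
    problems = []
    if len(base_dn) > MAX_BASE_DN_LEN:
        problems.append(f"{len(base_dn)} characters exceeds {MAX_BASE_DN_LEN}")
    for rdn in split_dn(base_dn):
        attr, sep, value = rdn.partition("=")
        if not (attr and sep and value):
            problems.append(f"malformed RDN: {rdn!r}")
    return problems

def is_under(dn, base_dn):
    """True when dn is the base entry or sits below it in the hierarchy."""
    base = split_dn(base_dn)
    return split_dn(dn)[-len(base):] == base

def resolve_user_dn(username, base_dn, attr="sAMAccountName"):
    """Model the login lookup: search below base_dn for attr == username."""
    problems = validate_base_dn(base_dn)
    if problems:
        raise ValueError("; ".join(problems))
    hits = [dn for dn, attrs in DIRECTORY
            if is_under(dn, base_dn)
            and attrs.get(attr, "").lower() == username.lower()]
    # Assumption of this model: zero or several matches means no usable DN.
    return hits[0] if len(hits) == 1 else None
```

A Base DN set at the domain root makes the duplicate `alee` entries ambiguous, while a Base DN scoped to one OU resolves a single DN but excludes every user outside that OU.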
What to Do Next
Create an LDAP provider.
Creating an LDAP Provider
Cisco UCS Manager supports a maximum of 16 LDAP providers.
Before You Begin
If you are using Active Directory as your LDAP server, create a user account in the Active Directory server
to bind with Cisco UCS. This account should be given a non-expiring password.
• In the LDAP server, perform one of the following configurations:
◦ Configure LDAP groups. LDAP groups contain user role and locale information.
◦ Configure users with the attribute that holds the user role and locale information for Cisco UCS
Manager. You can choose whether to extend the LDAP schema for this attribute. If you do not
want to extend the schema, use an existing LDAP attribute to hold the Cisco UCS user roles and
locales. If you prefer to extend the schema, create a custom attribute, such as the CiscoAVPair
attribute.
The Cisco LDAP implementation requires a unicode type attribute.
If you choose to create the CiscoAVPair custom attribute, use the following attribute ID:
1.3.6.1.4.1.9.287247.1
◦ For a cluster configuration, add the management port IP addresses for both fabric interconnects.
This configuration ensures that remote users can continue to log in if the first fabric interconnect
fails and the system fails over to the second fabric interconnect. All login requests are sourced
from these IP addresses, not the virtual IP address used by Cisco UCS Manager.
Cisco UCS Manager GUI Configuration Guide, Release 2.0
OL-25712-04 135
Configuring LDAP Providers