The switch has an RFC 2307-compliant LDAP client that enables LDAP users to access the switch. Some configuration rules exist for the LDAP client:
LDAP can be enabled only if FIPS is disabled. See Configure the FIPS Service (Oracle ILOM CLI).
You must have the user management role (u) in the Oracle roles model to configure the LDAP user properties for the Oracle ILOM client.
LDAP properties must be set on both the switch and the LDAP server(s).
When LDAP users access the switch, you can specify how much control they have by assigning the appropriate role and privileges.
-> set /SP/clients/ldap state=enabled
Set 'state' to 'enabled'
->

-> set /SP/clients/ldap address=192.168.45.60
Set 'address' to '192.168.45.60'
->

-> set /SP/clients/ldap port=400
Set 'port' to '400'
->

-> set /SP/clients/ldap defaultrole=s
Set 'defaultrole' to 's' [os]
->
By default, the LDAP user role is operator (o), but you can configure additional roles. Regardless of the role you configure, the operator role is always configured.
-> set /SP/clients/ldap searchbase=us.oracle.com
Set 'searchbase' to 'us.oracle.com'
->

-> set /SP/clients/ldap binddn=companyq.com
Set 'binddn' to 'companyq.com'
->

-> set /SP/clients/ldap bindpw=toothbrush
Set 'bindpw' to 'toothbrush'
->
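The following is an added example, not Oracle's code: a pre-flight review of a captured `set /SP/clients/ldap` transcript before it is applied or shared. It checks that searchbase and binddn have the shape of LDAP distinguished names (the form the LDAP protocol uses for both), compares the port with the LDAP default of 389, and flags the bind password. The function names, the simplified DN pattern and the 12-character password threshold are assumptions made for this example.

```python
import re
# Constructed transcript: the `set` commands shown on this page, as typed at the ILOM prompt.
SAMPLE = """\
-> set /SP/clients/ldap state=enabled
-> set /SP/clients/ldap address=192.168.45.60
-> set /SP/clients/ldap port=400
-> set /SP/clients/ldap defaultrole=s
-> set /SP/clients/ldap searchbase=us.oracle.com
-> set /SP/clients/ldap binddn=companyq.com
-> set /SP/clients/ldap bindpw=toothbrush
"""

SET_RE = re.compile(r"^->\s*set\s+/SP/clients/ldap\s+(\w+)=(.*)$")
# Simplified RFC 4514 shape (assumption): attr=value pairs split on commas, no escaped commas.
RDN_RE = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^,=]+$")

def parse_settings(transcript):
    """Return {property: value} from 'set /SP/clients/ldap' lines; the last value wins."""
    settings = {}
    for line in transcript.splitlines():
        m = SET_RE.match(line.strip())
        if m:
            settings[m.group(1)] = m.group(2).strip()
    return settings

def is_dn(value):
    return bool(value) and all(RDN_RE.match(p.strip()) for p in value.split(","))

def effective_roles(defaultrole):
    """The operator role (o) is always configured, which is why the switch echoes '[os]'."""
    return "".join(sorted(set(defaultrole) | {"o"}))

def review(settings):
    findings = []
    for prop in ("searchbase", "binddn"):
        if prop in settings and not is_dn(settings[prop]):
            findings.append(f"{prop}: '{settings[prop]}' is not a distinguished name")
    if settings.get("port") not in (None, "389"):
        findings.append(f"port: {settings['port']} is not the LDAP default (389)")
    pw = settings.get("bindpw", "")
    if pw and (len(pw) < 12 or pw.isalpha() or pw.isdigit()):  # assumed policy threshold
        findings.append("bindpw: short or single-character-class password")
    if "bindpw" in settings:
        findings.append("bindpw: cleartext value in transcript; redact before sharing")
    return findings

if __name__ == "__main__":
    cfg = parse_settings(SAMPLE)
    print("effective roles:", effective_roles(cfg.get("defaultrole", "")))
    print("\n".join("- " + f for f in review(cfg)))
```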