Oracle EDR InfiniBand Switch and Virtualized I/O Systems Administration Guide

Updated: November 2016
 
 

Configure the LDAP Client (Oracle ILOM CLI)

The switch has an RFC 2307-compliant LDAP client that enables LDAP users to access the switch. Some configuration rules exist for the LDAP client:

  • LDAP can be enabled only if FIPS is disabled. See Configure the FIPS Service (Oracle ILOM CLI).

  • You must have the user management role (u) in the Oracle roles model to configure the LDAP user properties for the Oracle ILOM client.

  • LDAP properties must be set on both the switch and the LDAP server(s).

When LDAP users access the switch, you can specify how much control they have by assigning the appropriate role and privileges.

  1. Enable the LDAP client.
    -> set /SP/clients/ldap state=enabled
    Set 'state' to 'enabled'
    ->
    
  2. Specify the LDAP client's IP address.
    -> set /SP/clients/ldap address=192.168.45.60
    Set 'address' to '192.168.45.60'
    ->
    
  3. Set the LDAP port.
    -> set /SP/clients/ldap port=400
    Set 'port' to '400'
    ->
    
  4. Set the LDAP user roles.
    -> set /SP/clients/ldap defaultrole=s
    Set 'defaultrole' to 's' [os]
    ->
    

    By default, the LDAP user role is operator (o), but you can configure additional roles. Regardless of the role you configure, the operator role is always configured.

  5. Set the search base.
    -> set /SP/clients/ldap searchbase=us.oracle.com
    Set 'searchbase' to 'us.oracle.com'
    ->
    
  6. Set the bind DN.
    -> set /SP/clients/ldap binddn=companyq.com
    Set 'binddn' to 'companyq.com'
    ->
    
  7. Set the bind password.
    -> set /SP/clients/ldap bindpw=toothbrush
    Set 'bindpw' to 'toothbrush'
    ->
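
The session above echoes the bind password back in clear text, so a saved terminal log of this procedure contains it. The following Python code is an added example, not Oracle's: it parses a captured transcript in the format shown in the steps, confirms that each set command received its Set '...' echo, and masks bindpw before the log is stored. The function name, the mask string, and the reading of the bracketed [os] as the effective role are assumptions.

```python
import re

SET_RE = re.compile(r"^\s*->\s*set\s+(\S+)\s+(\w+)=(.*)$")
ACK_RE = re.compile(r"^\s*Set '(\w+)' to '(.*?)'(?:\s+\[(\w+)\])?\s*$")
SECRET_PROPS = {"bindpw"}   # properties whose values must not reach stored logs
MASK = "<redacted>"

def audit_transcript(text):
    """Return (settings, unacknowledged, redacted_text) for a captured session."""
    settings, unacked, out, pending = {}, [], [], None
    for line in text.splitlines():
        m_set, m_ack = SET_RE.match(line), ACK_RE.match(line)
        if m_set:
            if pending:                      # previous set never got its echo
                unacked.append(pending[0])
            _, prop, value = m_set.groups()
            pending = (prop, value.strip())
            if prop in SECRET_PROPS:
                line = line[:m_set.start(3)] + MASK
        elif m_ack:
            prop, value, effective = m_ack.groups()
            if pending == (prop, value):
                # Bracketed value is read here as the effective setting (assumption).
                settings[prop] = MASK if prop in SECRET_PROPS else (effective or value)
                pending = None
            if prop in SECRET_PROPS:
                line = line[:m_ack.start(2)] + MASK + line[m_ack.end(2):]
        out.append(line)
    if pending:
        unacked.append(pending[0])
    return settings, unacked, "\n".join(out)

# Constructed sample: part of the session above as saved in a terminal log,
# plus one command whose confirmation line is missing (binddn).
SAMPLE = """\
-> set /SP/clients/ldap state=enabled
Set 'state' to 'enabled'
-> set /SP/clients/ldap defaultrole=s
Set 'defaultrole' to 's' [os]
-> set /SP/clients/ldap binddn=companyq.com
-> set /SP/clients/ldap bindpw=toothbrush
Set 'bindpw' to 'toothbrush'
->
"""

if __name__ == "__main__":
    settings, unacked, redacted = audit_transcript(SAMPLE)
    print(settings, unacked, redacted, sep="\n")
```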
    
