Configure LDAP Settings

Language:

Note - You can use the get and set commands to configure Oracle ILOM for LDAP. For a description of the MIB objects used in this procedure, see the table that follows the procedure.

Log in to a host that has an SNMP tool and the Oracle ILOM MIBs installed. For example, type:
ssh username@snmp_manager_ipaddress

Password: password

Refer to the following SNMP command examples:

To view whether the LDAP server is enabled to authenticate LDAP users, type:
```
% snmpget SNMP_agent ilomCtrlLdapEnabled.0
```

To set the LDAP server state to enabled to authenticate LDAP users, type:
```
% snmpset SNMP_agent ilomCtrlLdapEnabled.0 i 1
```

To view the LDAP server IP address, type:

% snmpget SNMP_agent ilomCtrlLdapServerIP.0

To set the LDAP server IP address, type:

% snmpset SNMP_agent ilomCtrlLdapServerIP.0 a ipaddress

To view the LDAP server port number, type:

% snmpget SNMP_agent ilomCtrlLdapPortNumber.0

To set the LDAP server port number, type:

% snmpset SNMP_agent ilomCtrlLdapPortNumber.0 i 389

To view the LDAP server Distinguished Name, type:
```
% snmpget SNMP_agent ilomCtrlLdapBindDn.0
```

To set the LDAP server Distinguished Name, type:

% snmpset SNMP_agent
ilomCtrlLdapBindDn.0 s ou=people,ou=sales,dc=oracle,dc=com

To view the LDAP server password, type:

% snmpget SNMP_agent ilomCtrlLdapBindPassword.0

To set the LDAP server password, type:

% snmpset SNMP_agent ilomCtrlLdapBindPassword.0 s password

To view the branch of your LDAP server on which user searches are made, type:
```
% snmpget SNMP_agent ilomCtrlLdapSearchBase.0
```

To set the branch of your LDAP server on which to search for users, type:
```
% snmpset SNMP_agent ilomCtrlLdapSearchBase.0 s ldap_server_branch
```

To view the LDAP server default role, type:

% snmpget SNMP_agent ilomCtrlLdapDefaultRoles.0

To set the LDAP server default role to Administrator, type:

% snmpset SNMP_agent ilomCtrlLdapDefaultRoles.0 s administrator

The following table describes the LDAP Settings SNMP MIB objects.

MIB Object	Description	Allowed Values	Type	Default
`ilomCtrlLdap Enabled`	Specifies whether the LDAP client is enabled.	`true(1),` `false(2)`	Integer	false
`ilomCtrlLdap ServerIP`	The IP address of the LDAP server used as a name service for user accounts.	`ipaddress`	String	None
`ilomCtrlLdap PortNumber`	Specifies the port number for the LDAP client.	`portnumber` (range: 0 to 65535)	Integer	389
`ilomCtrlLdap BindDn`	The Distinguished Name (DN) for the read-only proxy user used to bind to the LDAP server. For example: `“cn=proxyuser,ou=people,dc=oracle,dc=com"`	`distinguished_name`	String	None
`ilomCtrlLdap BindPassword`	The password of a read-only proxy user that is used to bind to the LDAP server. This property is essentially write-only. The write-only access level is no longer supported as of SNMP v2. This property must return a null value when read.	`password`	String	None
`ilomCtrlLdap SearchBase`	A search base in the LDAP database below which to find users. For example: “`ou=people,dc=oracle,dc=com`"	The branch of your LDAP server on which to search for users	String	None
`ilomCtrlLdap DefaultRoles`	Specifies the role that a user authenticated via LDAP should have. This property supports the legacy roles of Administrator or Operator, or any of the individual role ID combinations of `a`, `u`, `c`, `r`, `o`, and `s`. For example, `aucros`, where `a`=admin, `u`=user, `c`=console, `r`=reset, `o`=read-only, and `s`=service.	`administrator,` `operator,` `admin(a),` `user(u),` `console(c),` `reset(r),` `read-only(o),` `service(s)`	String	None