Configure AD Properties (Oracle ILOM CLI) - Oracle EDR InfiniBand Switch and Virtualized I/O Systems Administration Guide

Oracle EDR InfiniBand Switch and Virtualized I/O Systems Administration Guide

Exit Print View

» ...Documentation Home » Oracle InfiniBand Switch IS2-46 Documentation ... » Oracle EDR InfiniBand Switch and Virtualized ... » Controlling the Switch (Oracle ILOM CLI) » Managing Authentication and Access (Oracle ... » Managing the AD Client (Oracle ILOM CLI) » Configure AD Properties (Oracle ILOM CLI)

Updated: November 2016

Oracle EDR InfiniBand Switch and Virtualized I/O Systems Administration Guide

Document Information

Using This Documentation

Understanding System Administration Resources

Accessing the Switch

Monitoring the Switch (Oracle ILOM CLI)

Monitoring the Switch (Oracle ILOM Web)

Understanding Oracle ILOM Targets

Understanding SNMP MIB OIDs

Understanding the EMS Module

Controlling the Switch (Oracle ILOM CLI)

Managing Switch Components and Identification (Oracle ILOM CLI

Configure the Switch IP Address (Oracle ILOM CLI)

Configure the Switch Console Properties (Oracle ILOM CLI)

Configure the Date and Time (Oracle ILOM CLI)

Configure the Time Zone (Oracle ILOM CLI)

Configure the NTP Client (Oracle ILOM CLI)

Configure the System Identification Properties (Oracle ILOM CLI)

Managing Switch Configurations (Oracle ILOM CLI)

Managing the Locator LED (Oracle ILOM CLI)

Reset the SP (Oracle ILOM CLI)

Restart the SP (Oracle ILOM CLI)

Controlling the Switch Chips (Oracle ILOM CLI)

Control Checking for SP Physical Presence (Oracle ILOM CLI)

Controlling I/O Modules (Oracle ILOM CLI)

Managing Authentication and Access (Oracle ILOM CLI)

Managing the AD Client (Oracle ILOM CLI)

Enable the AD Client (Oracle ILOM CLI)

Configure AD Properties (Oracle ILOM CLI)

Configure DNS Locator Queries (Oracle ILOM CLI)

Manage an AD Server's Certificate (Oracle ILOM CLI)

Configure an Alternate AD Server (Oracle ILOM CLI)

Manage Certificates for Alternate AD Servers (Oracle ILOM CLI)

AD Groups (Oracle ILOM CLI)

Configure an AD Administrator Group (Oracle ILOM CLI)

Configure an AD Custom Group (Oracle ILOM CLI)

Configure an AD Operator Group (Oracle ILOM CLI)

Configure an AD User Domain (Oracle ILOM CLI)

Disable the AD Client (Oracle ILOM CLI)

Configure the DNS Client (Oracle ILOM CLI)

Configure the LDAP Client (Oracle ILOM CLI)

Managing the LDAP over SSL Client (Oracle ILOM CLI)

Enable the LDAP over SSL Client (Oracle ILOM CLI)

Configure LDAP over SSL Client Properties (Oracle ILOM CLI)

Manage an LDAP over SSL Server's Certificate (Oracle ILOM CLI)

Configure Alternate LDAP over SSL Servers (Oracle ILOM CLI)

Manage Certificates for Alternate LDAP over SSL Servers (Oracle ILOM CLI)

LDAP over SSL Groups (Oracle ILOM CLI)

Configure an LDAP over SSL Administrator Group (Oracle ILOM CLI)

Configure an LDAP over SSL Operator Group (Oracle ILOM CLI)

Configure an LDAP over SSL Custom Group (Oracle ILOM CLI)

Configure an LDAP over SSL User Domain (Oracle ILOM CLI)

Configure an LDAP over SSL Optional User Mapping (Oracle ILOM CLI)

Disable the LDAP over SSL Client (Oracle ILOM CLI)

Managing the RADIUS Client (Oracle ILOM CLI)

Enable the RADIUS Client (Oracle ILOM CLI)

Configure RADIUS Properties (Oracle ILOM CLI)

Configure a RADIUS Alternate Server (Oracle ILOM CLI)

Disable the RADIUS Client (Oracle ILOM CLI)

Managing SSO (Oracle ILOM CLI)

Enable SSO (Oracle ILOM CLI)

Disable SSO (Oracle ILOM CLI)

Managing Notifications and Logging (Oracle ILOM CLI)

Configure the SMTP Client (Oracle ILOM CLI)

Managing Alerts and Events (Oracle ILOM CLI)

Managing Logs (Oracle ILOM CLI)

Managing Management Networking (Oracle ILOM CLI)

Configure the Management Network Parameters (Oracle ILOM CLI)

Managing IPv4 Management Network Properties (Oracle ILOM CLI)

Managing IPv6 Management Network Properties (Oracle ILOM CLI)

Test the Management Network Configuration (Oracle ILOM CLI)

Managing Management Connections to the Switch (Oracle ILOM CLI)

Managing Serial Connections (Oracle ILOM CLI)

Managing Switch Management Connection and Login Messages (Oracle ILOM CLI)

Configure the Oracle ILOM CLI Session Timeout (Oracle ILOM CLI)

Managing Switch Interface Methods (Oracle ILOM CLI)

Managing the HTTP Service (Oracle ILOM CLI)

Managing the HTTPS Service (Oracle ILOM CLI)

Managing the SSH Service (Oracle ILOM CLI)

Managing SNMP Services (Oracle ILOM CLI)

Managing IPMI Services (Oracle ILOM CLI)

Restart Oracle ILOM

Restart Oracle Fabric OS

Managing the ASR Client (Oracle ILOM CLI)

Enable the ASR Client (Oracle ILOM CLI)

Configure the ASR Properties (Oracle ILOM CLI)

Configure the ASR Proxy Properties (Oracle ILOM CLI)

Disable the ASR Client (Oracle ILOM CLI)

Managing User Accounts (Oracle ILOM CLI)

Managing Oracle ILOM User Accounts (Oracle ILOM CLI)

Delete a Session (Oracle ILOM CLI)

Configure the FIPS Service (Oracle ILOM CLI)

Controlling the Switch (Oracle ILOM Web)

Updating the Firmware

Language:

Configure AD Properties (Oracle ILOM CLI)

Numerous AD properties are customizable for your environment. Assuming the AD protocol is enabled (see Enable the AD Client (Oracle ILOM CLI)), you can use this task to configure the various protocol properties.

Set the timeout value for AD communication.

-> set /SP/clients/activedirectory/ timeout=10
Set 'timeout' to '10'
->

Set the AD default role assigned to AD users.
```
-> set /SP/clients/activedirectory/ defaultrole=o
Set 'defaultrole' to 's' [os]
->
```
For the role, you can use the characters of the aucros string to enable the respective abilities. See User Roles and Permissions. The operator role (o) is added to whatever single role you set.

Enable expanded search (expsearch) mode.

-> set /SP/clients/activedirectory/ expsearchmode=enabled
Set 'expsearchmode' to 'enabled'
->

(Optional) Set the amount of information to include for AD communication and events written to the audit and event logs.
```
-> set /SP/clients/activedirectory/ logdetail=property_value
->
```
where property_value is:
- high, medium, low, or trace for more or less information in the log.
- none, for either no details, or to completely disable logging.
For example, to include the most amount of information, type:
```
-> set /SP/clients/activedirectory/ logdetail=high 
Set 'logdetail' to 'high'
->
```

Enable strict certificate mode.
```
-> set /SP/clients/activedirectory/ strictcertmode=enabled
Set 'strictcertmode' to 'enabled'
->
```
Note - To use this option, the Authentication Server Certificate file must be available to the switch.

Enable strict credential error mode.

-> set /SP/clients/activedirectory/ strictcredentialerrormode=enabled
Set 'strictcredentialerrormode' to 'enabled'
->

If needed, configure DNS locator queries.
See Configure DNS Locator Queries (Oracle ILOM CLI).

Related Information

Copyright © 2016, Oracle and/or its affiliates. All rights reserved. Legal Notices