To automatically configure the LDAP service for the currently joined AD domain, perform the following steps:
Ensure the appliance is joined to the appropriate AD domain.
Go to configuration services ad and enter ldap.
hostname:> configuration services ad
hostname:configuration services ad> ldap
Confirm your action to automatically configure LDAP by entering y.
Are you sure you want the system to automatically configure LDAP for this AD domain? y
LDAP has been set up for use with this AD domain;
Please navigate to 'configuration services ldap' to view or customize.
To view the LDAP configuration, go to configuration services ldap and enter command show.
hostname:configuration services ad> cd ..
hostname:configuration services> ldap
hostname:configuration services ldap> show
To customize the LDAP service configuration, go to configuration services ldap and see LDAP Configuration.
To leave the domain mode, join a Windows workgroup, and to clear the LDAP configuration that has been set for the current domain, enter the following commands:
hostname:configuration services ad> workgroup
hostname:configuration services ad workgroup> set workgroup=WORKGROUP
hostname:configuration services ad workgroup> set unconfig_ldap=true
hostname:configuration services ad workgroup> commit
hostname:configuration services ad> show
Properties:
workgroup = WORKGROUP
unconfig_ldap = true
hostname:configuration services ad workgroup> done
hostname:configuration services ad> show
Properties:
<status> = disabled
mode = workgroup
workgroup = WORKGROUP
Rules for setting property unconfig_ldap:
When LDAP has been configured with AD and the appliance is leaving the current AD domain, set this property to true to leave the AD domain permanently and to clear the LDAP configuration. After the LDAP service is unconfigured, it is automatically disabled.
Set this property to false if LDAP has been configured with AD and you want to later rejoin the current AD domain and retain the AD LDAP configuration.
This property cannot be changed from false when the LDAP service is not configured. Additionally, this property cannot be changed from false, and the LDAP configuration remains intact, when:
The appliance is not changing from domain mode to workgroup mode.
LDAP is configured for a different AD domain, not the current domain.