- Oracle ZFS Storage Appliance Administration Guide, Release OS8.8.x
- Appliance Services
- Configuring Services
- LDAP Configuration
- LDAP Security Settings
- Configuring LDAP Security Settings (CLI)
Configuring LDAP Security Settings (CLI)
- Go to
configuration services ldap
and entershow
to view the properties.The following table shows property value combinations that are valid for the remaining steps in this procedure.
cred_level auth_method use_tls anonymous
none
true
anonymous
none
false
self
sasl/GSSAPI
false
proxy
simple
true
proxy
simple
false
Note: This setting is permitted, but not recommended because the user's distinguished name (DN) and password will be sent in plain text.
proxy
sasl/DIGEST-MD5
true
proxy
sasl/DIGEST-MD5
false
- Specify the credentials to use to authenticate Oracle ZFS Storage Appliance to the LDAP server.
Set
cred_level
toanonymous
,self
, orproxy
.hostname:configuration services ldap> set cred_level=proxy
- Specify an authentication method.
Set
auth_method
to one of the following options:none
- None (use withanonymous
)sasl/GSSAPI
- SASL/GSSAPI (use withself
)simple
- Simple, RFC 4513 (use withproxy
)sasl/DIGEST-MD5
- SASL/DIGEST-MD5 (use withproxy
)
hostname:configuration services ldap> set auth_method=sasl/DIGEST-MD5
-
Set additional properties for proxy credentials.
If
cred_level
is set toproxy
, then set the proxy account name and password.hostname:configuration services ldap> set proxy_dn=ProxyName hostname:configuration services ldap> set proxy_password=MyPassword5
-
Enable SSL/TLS.
If you specified either
anonymous
orproxy
forcred_level
, you can choose to enable SSL/TLS. Enabling TLS is highly recommended so that critical information is sent securely.hostname:configuration services ldap> set use_tls=true
- Enter
commit
.Changes to the LDAP server configuration will be validated when committed. If the
proxy_dn
orproxy_password
validation fails or times out, a warning message is displayed.
Related Topics
-
"LDAP Security Properties" table in LDAP Properties