LDAP Configuration

Lightweight Directory Access Protocol (LDAP) is a directory service for centralizing management of users, groups, hostnames, and other resources (called objects). Oracle ZFS Storage Appliance can act as an LDAP client with the following characteristics:

  • LDAP users can log in to the FTP and HTTP services.

  • LDAP user names (instead of numerical IDs) can be used to configure root directory ACLs on a share.

    Note:

    The appliance does not use LDAP authorization information. All authorization information is local.

  • The LDAP server's certificate can be self-signed.

  • You can supply a list of trusted CA certificates.

To configure LDAP, you configure schema settings, security settings, and LDAP servers as described in the following sections:

If Active Directory (AD) is used for the appliance's LDAP service, you can automatically configure LDAP for the current AD domain by following the appropriate procedure: BUI or CLI.

After you have completed LDAP configuration, you can configure an existing LDAP user to be an appliance user. See Adding an LDAP User to the Appliance.