LDAP Configuration
Lightweight Directory Access Protocol (LDAP) is a directory service for centralizing management of users, groups, hostnames, and other resources (called objects). Oracle ZFS Storage Appliance can act as an LDAP client with the following characteristics:
- LDAP users can log in to the FTP and HTTP services.
- LDAP user names (instead of numerical IDs) can be used to configure root directory ACLs on a share.
  Note: The appliance does not use LDAP authorization information. All authorization information is local.
- The LDAP server's certificate can be self-signed.
- You can supply a list of trusted CA certificates.
To configure LDAP, you configure schema settings, security settings, and LDAP servers as described in the following sections:
If Active Directory (AD) is used for the appliance's LDAP service, you can automatically configure LDAP for the current AD domain by following the appropriate procedure: BUI or CLI.
After you have completed LDAP configuration, you can configure an existing LDAP user to be an appliance user. See Adding an LDAP User to the Appliance.