LDAP Custom Mappings

To search the LDAP directory, the appliance uses a search descriptor that is the base search DN plus a prepended default subtree specification. The appliance also uses default object class names and default attribute names to find properties that are needed.

The appliance has the following LDAP search behavior, in accordance with RFC 2307:

  • User searches – Prepends ou=people to the base search DN, uses object class posixAccount, and uses the attribute names shown in the first table.

  • Group searches – Prepends ou=group to the base search DN, uses object class posixGroup, and uses the attribute names shown in the second table.

  • Netgroup searches – Prepends ou=netgroup to the base search DN and uses object class nisNetgroup.

If these default values do not work in your environment, use the properties shown in the "LDAP Schema Properties" table in LDAP Properties to customize the search descriptor, object class names, and attribute names as shown in Configuring LDAP Schema Settings - BUI, CLI.

To customize a search descriptor, enter the entire DN, including the base search DN and search scope. The appliance uses the customized value unmodified and ignores the values set for the base search DN and search scope properties.

To customize object class names and attribute names, use default=new syntax, where default is the default value and new is the value that you want to use.

The following table shows the default attribute names that are used to find information about users.

Table 3-22 Attributes of the Users Data Type

Default Attribute Name    Description of Attribute Value
----------------------    ------------------------------
uid                       User name. For example: flastname
uidNumber                 Numeric user ID
gidNumber                 Numeric primary group ID
gecos                     Display name. For example: "Firstname, Lastname"

The following table shows the default attribute names that are used to find information about groups.

Table 3-23 Attributes of the Groups Data Type

Default Attribute Name    Description of Attribute Value
----------------------    ------------------------------
cn                        Group name
gidNumber                 Numeric group ID
memberUid                 List of usernames of members
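
The resolution rules described on this page, as an added Python example (not the appliance's own code): it computes the effective search base, object class, and attribute names from the RFC 2307 defaults and any default=new overrides, and rejects overrides whose left side is not a default name. The function names, the filter string format, the dc=example,dc=com base DN, and the Active Directory-style override values are assumptions chosen for illustration.

```python
# Added example: DEFAULTS, parse_mappings and effective_search are hypothetical
# names for illustration and are not part of the appliance software.
DEFAULTS = {
    "user": ("ou=people", "posixAccount", ["uid", "uidNumber", "gidNumber", "gecos"]),
    "group": ("ou=group", "posixGroup", ["cn", "gidNumber", "memberUid"]),
    "netgroup": ("ou=netgroup", "nisNetgroup", []),
}


def parse_mappings(entries, known):
    """Parse 'default=new' strings, rejecting any left side that is not a default."""
    mapping = {}
    for entry in entries:
        default, sep, new = (part.strip() for part in entry.partition("="))
        if not sep or not default or not new:
            raise ValueError(f"not in default=new form: {entry!r}")
        if default not in known:
            raise ValueError(f"{default!r} is not a default name for this search")
        mapping[default] = new
    return mapping


def effective_search(kind, base_dn, descriptor=None, class_map=(), attr_map=()):
    """Return the search base, filter and attribute names implied by the rules."""
    prefix, objclass, attrs = DEFAULTS[kind]
    # A customized descriptor is used unmodified; the base search DN is ignored.
    base = descriptor if descriptor else f"{prefix},{base_dn}"
    classes = parse_mappings(class_map, {objclass})
    names = parse_mappings(attr_map, set(attrs))
    return {
        "base": base,
        # Illustrative filter form; the page only states which class is used.
        "filter": f"(objectClass={classes.get(objclass, objclass)})",
        "attrs": [names.get(a, a) for a in attrs],
    }


if __name__ == "__main__":
    base = "dc=example,dc=com"  # constructed sample value
    print(effective_search("user", base))
    print(effective_search("user", base, class_map=["posixAccount=user"],
                           attr_map=["uid=sAMAccountName"]))
```

Comparing the returned base, filter, and attribute names against what the directory actually contains is a quick way to confirm a mapping before relying on it for user and group lookups.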
