mark.zhang
1 Copper

Config CMC/iDrac on M1000e and FX2 for general LDAP authentication

I have tested on my Openldap servers which is working for my Linux, not AD.

I posted here for anyone who need it.

Remember: Only LDAP over SSL can work, without SSL, failed.

Select Generic LDAP.

Generic LDAP enable                                                              Check

Use Distinguished Name to Search Group Membership         Check

Certificate Validation Enable                                                    Uncheck

(if check, you need certification file upload, I guess it would be enterprise CA. Not test)

Bind DN                                                                                    uid=xxx,ou=users,dc=xxx,dc=com

Bind Password                                                                         xxxxxxxxxxxxxxx

Base DB to Search                                                                   dc=xxx,dc=com

Attribute of User Login                                                             uid

Attibute of Group Membership                                                 uniqueMember or Blank

Search Filter                                                                            Blank

(Important: leave it blank, not object=*, I tried, failed)

Timeout can be kept default.

LDAP Servers                                                                          ServerName or IP

(Write ServerName, DNS must be set in the network tab)

LDAP Server Port                                                                     636(default)

Group Settings:

Role Groups 1      which means set a group DN mapped to role, normally administrator permissions

This can be set in the webGUI. I tested it through racadm. iDRAC may test on the webGUI.

racadm testfeature -f LDAP -u username -p password -d 0x02 (0xf2)

 

0 Kudos
1 Reply

RE: Config CMC/iDrac on M1000e and FX2 for general LDAP authentication

Hello.

Thank you for sharing this important bit of information!

Robert Alakara

Dell EMC | Enterprise Services

0 Kudos