LDAP integration negates the need to add local users to the XtremIO. If LDAP is enabled when a user logs in it is first checked against the local users. If one does not exist it will then query LDAP and negotiate from there. If you create a local user it will override the ability to use the LDAP authentication for that user. You are correct that it does not integrate like that with LDAP. The XtremIO does not integrate and provide LDAP administration. To address the last point, when LDAP is queried it authenticates through the password. We have seen where the array will cache the credentials for 24 hours but this was only on older code. The newest code should resolve caching issues.

- ChrisP

the xtremIO ldap integration experience hasn't been the best in my experiences. group membership doesn't pass effectively, thus I resort to creating a manual user but I have created manual users where the External=Yes. I just don't recall whether that flag is only set via cli.

so how to make it yes as its local user

Hi,

Thanks for your question.

Do you have an LDAP server configured on the device? External has to be from an ldap server.

add-ldap-config The add-ldap-config admin-level command adds a new LDAP configuration profile to the LDAP configuration table.

Usage: add-ldap-config server-urls= roles= search-filter= [ binddn=,OU=,DC=,DC=> ] [ bindpw= ] [ timeout= ] [ search-base=,DC=,DC=> ] [ user-to-dn-rule= ] [ cache-expire-hours= ] [ ca-cert-data= ]

Let us know if you have any additional questions.