Isilon: InsightIQ 4.1: Configuring Active Directory authentication
Summary: How to configure Active Directory authentication over LDAP with InsightIQ.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Instructions
InsightIQ configuration:
**NOTE** InsightIQ 4.1.2 supports logging in via sAMAccountName.
If you are running InsightIQ 4.1.2, you do not need to configure gidNumber or uid attributes in your Active Directory server.
On the Active Directory server confirm following attributes for groups and users.
1. Groups have to have a valid, configured gidNumber attribute.
2. Users have to have their uid set and it should be the same as their sAMAccountName attribute.
- Log in to InsightIQ web administration interface.
- Click SETTINGS tab.
- Click Users on the SETTINGS ribbon.
- Click Configure LDAP.
- Check Enable LDAP. Enabling LDAP allows you to edit the remaining fields on this page.
- Type Active Directory (AD) server (Domeain Controler) URI into the LDAP server field. Server URI should begin with ldap:// or ldaps://. Port is optional.
- Type the Base Search Entry. Distinguished Name (DN) of the entry to start searches at. If your AD domain is domain.com, your DN would be dc=domain,dc=com.
- Type AD server credentials in the Bind entry and Bind password fields. The Bind Entry should have the format of "user@domain". For example: ldap_service@emc.com
- Click link: Show optional setings.
- Type user into Object Class for users field. Attribute that defines a user on this server.
- Type group into Object Class for groups field. Attribute that defines a group on this server.
- Click Submit.
**NOTE** InsightIQ 4.1.2 supports logging in via sAMAccountName.
If you are running InsightIQ 4.1.2, you do not need to configure gidNumber or uid attributes in your Active Directory server.
On the Active Directory server confirm following attributes for groups and users.
1. Groups have to have a valid, configured gidNumber attribute.
2. Users have to have their uid set and it should be the same as their sAMAccountName attribute.
Additional Information
Tools, resources used while reproducing the issue/configuration in a lab environment:
- IIQ 4.1 vm
- Windows 2012 AD
- Wireshark to verify IIQ LDAP requests and responses from AD.
- Softerra LDAP Browser to verify LDAP / AD servers Distinguished Names and users and groups attributes.
- Log in to Domain Controller.
- Go to Active Directory Users and Computers.
- Click View tab.
- Click/check Advanced Features.
- Navigate to Users and open Properties window of related group or user.
- Navigate to and click on the Attribute Editor.
Affected Products
Isilon InsightIQProducts
Isilon, Isilon InsightIQArticle Properties
Article Number: 000022639
Article Type: How To
Last Modified: 15 Dec 2022
Version: 6
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.