170 Fabric OS Administrator’s Guide
53-1002745-02
Remote authentication
5
DESC 'Brocade specific data for LDAP authentication'
EQUALITY caseIgnoreIA5Match
SUBSTR caseIgnoreIA5SubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
objectclass ( 1.3.6.1.4.1.8412.110 NAME 'user'
DESC 'Brocade switch specific person'
SUP top AUXILIARY
MAY ( brcdAdVfData $ description ) )
2. Include the schema file in the slapd.conf file.
The following example slapd.conf line assumes that local.schema contains the attribute
definition provided in step 1.
include /usr/local/etc/openldap/schema/local.schema
3. Include the brcdAdVfData attribute in a user entry in the LDAP Directory.
• If you are using Administrative Domains, enter the value of each Admin Domain separated
by an underscore ( _ ). Each number represents the number of the Admin Domain to which
the user has access. The first such number represents the user’s Home domain.
Example for adding Admin Domains
In the following example, the user is granted access to Admin Domains 0, 10, and 200.
Admin Domain 0 is the domain that the user initially logs into.
brcdAdVfData: adlist_0_10_200_endAd
• If you are using Virtual Fabrics, enter the value of the logical fabrics to which the user has
access. Up to three value fields can be specified, separated by an semicolons ( ; ):
• The HomeLF field specifies the user’s home Logical Fabric.
• The LFRole list field specifies the additional Logical Fabrics to which the user has
access and the user’s access permissions for those Logical Fabrics. Logical Fabric
numbers are separated by commas ( , ). A hyphen ( - ) indicates a range.
• The ChassisRole field designates the permissions that apply to the ChassisRole
subset of commands.
Example for adding Virtual Fabrics
In the following example, the logical switch that would be logged into by default is 10. If 10
is not available then the lowest FID available will be chosen.The user is given permission to
enter logical switches 1 through 128 in an admin role and is also given the chassis role
permission of admin.
brcdAdVfData: HomeLF=10;LFRoleList=admin:1-128;ChassisRole=admin
The following fragment from a file named test4.ldif provides an entry for a user with Virtual Fabric
access roles.
# Organizational Role for Users
dn: cn=Users,dc=mybrocade,dc=com
objectClass: organizationalRole
cn: Users
description: User
# User entries
dn: cn=Sachin,cn=Users,dc=mybrocade,dc=com
objectClass: user
objectClass: person
To Next Page
Loading...
Need help?
General