predefined user, the user will be granted the rights of the corresponding
predefined user, regardless of its LDAP settings (e.g., association with an XIV
application admin role), as LDAP is not consulted for predefined users.
Example:
ldap_config_set
base_dn version xiv_group_attrib
storage_admin_role read_only_role
session_cache_period bind_time_limit
use_ssl user_id_attrib first_expiration_event
second_expiration_event
third_expiration_event
xiv_user
xiv_password
server_type="SUN DIRECTORY"
Output:
Command executed successfully.
Access Control:
User Category                        Permission
Storage administrator                Allowed
Storage integration administrator    Disallowed
Application administrator            Disallowed
Security administrator               Disallowed
Read-only users                      Disallowed
Technicians                          Disallowed
Completion Codes:
• LDAP_IS_NOT_FULLY_CONFIGURED
  LDAP is not fully configured
  Troubleshooting: Check your settings.
• LDAP_CONFIG_CHANGE_IS_ILLEGAL_WHEN_AUTHENTICATION_IS_ACTIVE
  This LDAP configuration change is invalid when LDAP configuration is active
  Troubleshooting: Disable LDAP-based authentication and then change LDAP
  configuration.
• LDAP_ROLE_ALREADY_USED
  LDAP role is already in use in LDAP configuration or in a user group
• NO_LDAP_SERVERS_WITH_CERTIFICATE_ARE_DEFINED
  No LDAP servers with an LDAP certificate are defined in the system
• INVALID_EXPIRATION_EVENT_DATES
  Dates for expiration events must be in ascending order
• LDAP_READ_ONLY_ROLE_HAS_WRONG_NUMBER_OF_PARTS
  LDAP read only role contains too many parts
  Troubleshooting: The role is divided into parts by ';'. The number of parts
  should be between 0 and 8.
• LDAP_ROLE_HAS_DUPLICATED_PARTS
Chapter 18. Access Control 369