H3C HDM Configuration Examples-6W100


H3C HDM

LDAP Configuration Examples

Copyright © 2023 New H3C Technologies Co., Ltd. All rights reserved.

No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of New H3C Technologies Co., Ltd.

Except for the trademarks of New H3C Technologies Co., Ltd., any trademarks that may be mentioned in this document are the property of their respective owners.

The information in this document is subject to change without notice.



Introduction

Lightweight Directory Access Protocol (LDAP) is a protocol for accessing online directories and is suited to unified management of user authentication. The following information provides examples for configuring the LDAP directory management function in the H3C HDM management software.

Prerequisites

Procedures and information in the examples might be slightly different depending on the software or hardware version of the products.

The configuration was created and verified in a lab environment, and all the servers and software were started with the factory default configuration. When you are working on a live network, make sure you understand the potential impact of every command on your network.

The following information is provided based on the assumption that you have basic knowledge of the LDAP management features.

Applicable scenarios

The following information applies to scenarios where HDM access permissions need to be set for LDAP user groups. With LDAP user grouping and HDM permission management, more precise permission control can be achieved.

Configuration example

Network requirement

As shown in Figure 1, the HDM of an H3C UniServer R4900 G3 server is connected to the LDAP server and a PC through the HDM dedicated interface. Make sure the devices can reach one another over the network. The LDAP server runs the Windows Server 2012 R2 operating system with Active Directory (AD) configured. After the LDAP server is bound and the LDAP role groups are added on HDM, LDAP users must be able to access HDM.

·     HDM management software information:

¡     IP address: 192.168.19.87

¡     Administrator account: admin

¡     Password: Password@_

·     LDAP server information:

¡     LDAP username: user1

¡     Password: Password@#

¡     LDAP user group: group1

¡     LDAP group organization: product<company

¡     LDAP server IP address: 192.168.19.254

¡     LDAP server domain: hdmldap.com

Figure 1 LDAP Network diagram

 

Analysis

On the LDAP server, add the LDAP user user1 and the role group group1. On HDM, bind the LDAP server and add the role group group1. Then access HDM as an LDAP user in the role group to verify the configuration.

Software versions used

This example was created and verified on HDM 2.26.

Procedures

Configuring the LDAP server

Adding an organizational unit (OU)

1.     Log in to the Windows Server 2012 R2, and open the AD. Select Start > Administrative Tools, and double-click Active Directory Users and Computers.

2.     Right-click the server domain hdmldap.com and select Create > Organization.

3.     Enter the OU name company, as shown in Figure 2.

Figure 2 Adding an organizational unit (OU)

 

4.     Click OK. Level-1 OU company is created.

5.     Right-click company and select Create > Organization.

6.     Enter the OU name product, as shown in Figure 3.

Figure 3 Adding an OU

 

7.     Click OK. Level-2 OU product is created.

Adding a role group

1.     Right-click product and select Create > Group.

2.     Enter the group name group1, as shown in Figure 4.

Figure 4 Entering the group name

 

3.     Click OK.

Creating a user

1.     Right-click product and select Create > User.

2.     Enter the username user1 and user login name user1, and click Next.

3.     Enter the password Password@# and uncheck Compulsory password change at next login.

4.     Click Next to open the confirmation page, and click Finish.

Adding the user to a group

1.     Right-click the user user1, and select Add to Group to open the Select Groups dialog box.

2.     As shown in Figure 5, enter the target group name group1, and click Check Names to search for the user group.

Figure 5 Entering the group information

 

3.     Click OK.
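
The same OU tree, group, user, and membership can be created from PowerShell on the AD server. This is an added example, not part of the H3C procedure; it assumes the ActiveDirectory module is installed, the session has rights to create objects in hdmldap.com, the group uses the Global/Security defaults, and the user principal name is user1@hdmldap.com.

```powershell
# Added example: builds the OU tree, group and user from the GUI steps above.
Import-Module ActiveDirectory

$domainDn  = 'DC=hdmldap,DC=com'
$companyDn = "OU=company,$domainDn"
$productDn = "OU=product,$companyDn"

# Create an OU only if it does not exist yet, so the script can be re-run.
function New-OuIfMissing {
    param([string]$Name, [string]$Path)
    $dn = "OU=$Name,$Path"
    $existing = Get-ADOrganizationalUnit -Filter "distinguishedName -eq '$dn'"
    if (-not $existing) {
        New-ADOrganizationalUnit -Name $Name -Path $Path
    }
}

New-OuIfMissing -Name 'company' -Path $domainDn    # level-1 OU
New-OuIfMissing -Name 'product' -Path $companyDn   # level-2 OU

# Assumption: Global scope and Security category, the defaults in the GUI dialog.
New-ADGroup -Name 'group1' -SamAccountName 'group1' `
    -GroupScope Global -GroupCategory Security -Path $productDn

# -Name becomes the CN, which the Bind DN and the cn login attribute rely on.
# The password is prompted for instead of being stored in the script.
$password = Read-Host -AsSecureString -Prompt 'Password for user1'
New-ADUser -Name 'user1' -SamAccountName 'user1' `
    -UserPrincipalName 'user1@hdmldap.com' -Path $productDn `
    -AccountPassword $password -ChangePasswordAtLogon $false -Enabled $true

Add-ADGroupMember -Identity "CN=group1,$productDn" -Members "CN=user1,$productDn"

# Confirm the DN and group membership that the HDM settings refer to.
Get-ADUser -Identity 'user1' -Properties MemberOf |
    Select-Object DistinguishedName, MemberOf
```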

Configuring HDM management software

Logging in to HDM

1.     Open a browser on a client, and then enter the HDM management IP address 192.168.19.87 to open the HDM login page. On the HDM login page, enter the default username admin and the default password Password@_, and then click Login, as shown in Figure 6.

Figure 6 Logging in to HDM

 

2.     Select Users & Security > Users, and select the Domain Users tab, as shown in Figure 7.

Figure 7 LDAP configuration page

 

Configuring the LDAP Server

1.     Click Settings in the LDAP settings area, and configure the LDAP server information in the AD settings dialog box, as shown in Figure 8.

a.     Select No encryption as Encryption type.

b.     Select IP as the General name type.

c.     Enter the LDAP server IP address 192.168.19.254 as the Server IP.

d.     Use the default port ID.

e.     Enter the DN (not case sensitive) of user1 at Bind DN: cn=user1,ou=product,ou=company,dc=hdmldap,dc=com. The DN includes the username, organization, and domain information, separated by English (half-width) commas.

f.     Enter the password of user1: Password123.

g.     Enter the domain information of user1 at User searching group: dc=hdmldap,dc=com.

h.     Select cn as User login attribute.

Figure 8 LDAP settings

 

2.     Click OK. The HDM starts to establish a connection with the LDAP server.

Adding an LDAP role group

1.     Click Add in the Operation column of the LDAP configuration page, and configure the role group information in the dialog box that opens, as shown in Figure 9.

a.     Enter the group name of LDAP user user1 as the role group name: group1.

b.     Enter the searching library information (not case sensitive) of group1 as the role group searching library: dc=hdmldap,dc=com

c.     Role group permission: Select Administrator.

d.     Select relevant extension permissions.

Figure 9 Creating the LDAP group

 

2.     Click OK.
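
Before testing the login on HDM, the Bind DN, search base, login attribute, and role group entered above can be checked from a Windows client on the same network. This is an added example, not H3C tooling; it assumes the default port is the standard LDAP port 389 and uses the .NET System.DirectoryServices.Protocols classes.

```powershell
# Added example: replays the bind and user lookup with the values entered in HDM.
Add-Type -AssemblyName System.DirectoryServices.Protocols

$server = '192.168.19.254'
$port   = 389      # assumption: "default port" is the standard LDAP port
$bindDn = 'cn=user1,ou=product,ou=company,dc=hdmldap,dc=com'
$base   = 'dc=hdmldap,dc=com'   # user search base and role group search base
$login  = 'user1'
$group  = 'group1'

$secret = Read-Host -AsSecureString -Prompt "Password for $bindDn"
$cred   = New-Object System.Net.NetworkCredential -ArgumentList $bindDn, $secret
$id     = New-Object System.DirectoryServices.Protocols.LdapDirectoryIdentifier -ArgumentList $server, $port
$conn   = New-Object System.DirectoryServices.Protocols.LdapConnection -ArgumentList $id, $cred, ([System.DirectoryServices.Protocols.AuthType]::Basic)
$conn.SessionOptions.ProtocolVersion = 3
$conn.SessionOptions.ReferralChasing = [System.DirectoryServices.Protocols.ReferralChasingOptions]::None

try {
    # Simple bind without TLS, matching "No encryption" in the HDM settings:
    # the DN and password cross the network in cleartext.
    $conn.Bind()

    $attrs = [string[]]@('distinguishedName', 'memberOf')
    $scope = [System.DirectoryServices.Protocols.SearchScope]::Subtree
    $req   = New-Object System.DirectoryServices.Protocols.SearchRequest -ArgumentList $base, "(cn=$login)", $scope, $attrs
    $resp  = [System.DirectoryServices.Protocols.SearchResponse]$conn.SendRequest($req)

    if ($resp.Entries.Count -ne 1) {
        throw "Expected one entry with cn=$login under $base, found $($resp.Entries.Count)"
    }
    $entry    = $resp.Entries[0]
    $memberOf = @()
    if ($entry.Attributes.Contains('memberOf')) {
        $memberOf = $entry.Attributes['memberOf'].GetValues([string])
    }
    [pscustomobject]@{
        UserDn      = $entry.DistinguishedName
        InRoleGroup = [bool]($memberOf -like "CN=$group,*")
        MemberOf    = $memberOf
    }
}
catch {
    Write-Error "LDAP check failed: $($_.Exception.GetBaseException().Message)"
}
finally {
    $conn.Dispose()
}
```

A result with InRoleGroup set to False means user1 was found but is not a direct member of group1, so the HDM role group mapping would not apply to that account.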

Verifying the configuration

1.     Open the client browser and enter the IP address 192.168.19.87 to access HDM. On the HDM login page, enter the user information of the role group group1, for example, user1 and Password@#, as shown in Figure 10.

Figure 10 Using LDAP user account to log in to the HDM

 

2.     After successful login, check the permissions of user1. As shown in Figure 11, user1 has the configuration management permission. Because only an administrator has this permission, user1 is an administrator, which is consistent with the settings in "Adding an LDAP role group."

Figure 11 Configuration interface after user login

 

Related documentation

·     H3C HDM Technology White Paper

·     H3C Servers HDM User Guide
