About this task

Define an OpenLDAP server to serve as a local InfiniBox user repository. The user accounts in its database are granted access to the InfiniBox management interfaces: the GUI console, the CLI, and the API.

The user credentials you provide when defining an OpenLDAP server are stored in InfiniBox for future LDAP queries. It is recommended that this be a read-only account.

Before you begin

Read the User Repositories section at: Overview of InfiniBox user management.

Prerequisites

  • The Bind username and password of the InfiniBox machine's read-only user account in the LDAP server

Defining an OpenLDAP server repository

Define OpenLDAP domains and their servers so that the domain users can log in to InfiniBox.

  1. In the InfiniBox Management Console, click the Settings icon on the left toolbar, and select the LDAP/AD tab.

  2. Click the Define button.
  3. Select Open LDAP as the repository type.
  4. Enter a Repository Name to be displayed in the InfiniBox Management Console. This does not have to be the actual OpenLDAP name.
  5. In the Insert Servers field, for each LDAP server, enter its server name or IP address, and click Add.
    For failover support, it is recommended to enter more than one server.
  6. If your OpenLDAP does not support SSL, disable Use SSL (LDAPS).
  7. Enter the Port number.
    • The default port number if using SSL is 636.
    • The default port number if not using SSL is 389.
  8. Enter the Bind username and Bind password of the InfiniBox machine's read-only user account in LDAP. These credentials are stored in InfiniBox for future LDAP queries.
  9. Click Schema Definition near the bottom of the page.
    The default information for an Active Directory server is displayed. For OpenLDAP servers, change this information to match the schema of your server.
  10. Enter the following information:
    • User Class
    • Username Attribute
    • Users Base DN, in the format ou=Users,dc=fsubfolder1,dc=subfolder2
      This points to the OpenLDAP folder that contains the user IDs.
      The Users folder can point to users or to any place where user credentials are stored, such as folders and other devices.
    • Group Class
    • Group Name Attribute
    • Member-of Attribute
    • Group Base DN
  11. Click Test to ensure that InfiniBox can communicate with the server.
    A message lets you know if the LDAP test was successful or not.
    If the test fails, correct the problem described in the message.
  12. Click Define Server to complete the OpenLDAP definition.
  13. To authorize the members of a user group to access the InfiniBox management interfaces, see Defining user groups.
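
The schema values entered in step 10 can be checked against the directory from an admin workstation, using the same read-only bind account, before clicking Test. This is an added example, not part of the original article or of InfiniBox tooling, and it does not reproduce how InfiniBox itself queries the server. It assumes the OpenLDAP client tool ldapsearch is installed; the function names, host names, DNs, and class and attribute values are constructed placeholders.

```shell
#!/bin/sh
# Added example: pre-check the step 10 schema values with ldapsearch.
# All hosts, DNs, classes and attribute names used here are constructed placeholders.

# ldap_uri HOST USE_SSL [PORT]: build the server URI using the defaults from step 7.
ldap_uri() {
    if [ "$2" = "yes" ]; then
        printf 'ldaps://%s:%s\n' "$1" "${3:-636}"
    else
        printf 'ldap://%s:%s\n' "$1" "${3:-389}"
    fi
}

# ldap_escape VALUE: escape filter metacharacters (RFC 4515) so a username
# such as "a*" is matched literally instead of widening the search.
ldap_escape() {
    printf '%s' "$1" | sed -e 's/\\/\\5c/g' -e 's/\*/\\2a/g' \
        -e 's/(/\\28/g' -e 's/)/\\29/g'
}

# user_filter USER_CLASS USERNAME_ATTR USERNAME
user_filter() {
    printf '(&(objectClass=%s)(%s=%s))\n' "$1" "$2" "$(ldap_escape "$3")"
}

# check_user URI BIND_DN USERS_BASE_DN USER_CLASS USERNAME_ATTR MEMBEROF_ATTR USERNAME
# Binds as the read-only account (-W prompts, so the password never appears in
# the process list) and returns the user's name and group membership.
check_user() {
    ldapsearch -x -LLL -W -H "$1" -D "$2" -b "$3" -s sub \
        "$(user_filter "$4" "$5" "$7")" "$5" "$6"
}

# check_groups URI BIND_DN GROUP_BASE_DN GROUP_CLASS GROUP_NAME_ATTR
check_groups() {
    ldapsearch -x -LLL -W -H "$1" -D "$2" -b "$3" -s sub \
        "(objectClass=$4)" "$5"
}

# Usage (constructed values):
#   check_user "$(ldap_uri ldap1.example.com yes)" \
#       "cn=infinibox-ro,dc=example,dc=com" "ou=Users,dc=example,dc=com" \
#       inetOrgPerson uid memberOf jdoe
```

An empty result from check_user or check_groups with a successful bind usually means the class, attribute, or base DN does not match the server's schema.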

Testing the user repository data connection

You can test the data connection at any time to ensure that the server configuration is correct.

  1. In the InfiniBox Management Console, click the Settings icon on the left toolbar, and select the LDAP/AD tab.
  2. Right-click an OpenLDAP definition, and select Modify Configuration.
    The Modify Active Directory Server screen opens. 
  3. Click Test to ensure that InfiniBox can communicate with the server.
    A message lets you know if the LDAP test was successful or not.
    If the test fails, correct the problem described in the message.

Last edited: 2022-02-06 13:29:12 UTC