SANtricity 11.8 Commands
Create storage Array directory server
The create storageArray directoryServer command allows you to add a new directory server to be used for authenticating and authorizing users.
Supported Series
This command applies to an individual HB2100/HB2200/HB2300, HB5100/HB5200, AB6100 or AB3100 storage system.
Roles
To execute this command on an HB2100/HB2200/HB2300, HB5100/HB5200, AB6100, or AB3100 storage system, you must have the Security Admin role.
Syntax
create storageArray directoryServer
[domainId="domainId"
domainNames=("domainName1"..."domainNameN")
serverUrl="serverUrl"
[bindAccount="username" bindPassword="password"]
searchBaseDN="distinguishedName"
usernameAttribute="attributeName"
groupAttributes=("attrName1"..."attrNameN")
[skipConfigurationTest={true | false}]
Parameters
| Parameter | Description | ||||
|---|---|---|---|---|---|
|
Allows you to specify a unique ID for this domain. If not specified, a unique GUID will be generated. |
||||
|
Allows you to specify one or more valid domain names for the directory server. If you enter more than one name, separate the values with a space. |
||||
|
Allows you to specify the URL to access the LDAP server in the form of ldap[s]://hostAddress:port. If the LDAPS protocol is used, ensure that the root/intermediate certificate(s) to validate the directory server’s signed certificate is imported using the certificate commands. |
||||
|
Allows you to specify the username or bind ID to be used as the binding account. |
||||
|
Allows you to specify the password to be used as the binding password. |
||||
|
Allows you to specify the search base Distinguished Name to search for LDAP user objects for determining group membership. |
||||
|
Allows you to specify the attribute to be used to search for user objects for determining group membership. If specified, the string must contain the variable |
||||
|
Allows you to set one or more group attributes to be used to look for group Distinguished Names. Distinguished names are used to determine group membership for role mapping.
|
||||
|
Allows you to skip the configuration test before the configuration is saved. The default is |
Examples
SMcli -n Array1 -c "create storageArray directoryServer
domainNames=("company.com") serverUrl="ldap://hqldap.company.com:389"
bindAccount="dummyBindDN" bindPassword="dummyPassword"
searchBaseDN="OU=_Users,DC=hq, DC=company,DC=com"
usernameAttributes="sAMAccountName={uid}" groupAttributes="memberOf";"
SMcli completed successfully.
