Configuring LDAP

If you want the storage virtual machine (SVM) to get user information from Active Directory-based Lightweight Directory Access Protocol (LDAP), you must create an LDAP client, enable it for the SVM, and give LDAP priority over other sources of user information.

Before you begin

The LDAP configuration must be using Active Directory (AD).
If you use another type of LDAP, you must use the command-line interface (CLI) and other documentation to configure LDAP.
You must know the AD domain and servers, as well as the following binding information: the authentication level, the Bind user and password, the base DN, and the LDAP port.

Navigate to the SVMs window.
Select the required SVM
Click the SVM Settings tab.
Set up an LDAP client for the SVM to use:
1. In the Services pane, click LDAP Client.
2. In the LDAP Client Configuration window, click Add.
3. In the General tab of the Create LDAP Client window, type the name of the LDAP client configuration, such as vs0client1.
4. Add either the AD domain or the AD servers.
5. Click Binding, and specify the authentication level, the Bind user and password, the base DN, and the port.
6. Click Save and Close.
A new client is created and available for the SVM to use.
Enable the new LDAP client for the SVM:
1. In the navigation pane, click LDAP Configuration.
2. Click Edit.
3. Ensure that the client you just created is selected in LDAP client name.
4. Select Enable LDAP client, and click OK.
The SVM uses the new LDAP client.
Give LDAP priority over other sources of user information, such as Network Information Service (NIS) and local users and groups:
1. Navigate to the SVMs window.
2. Select the SVM and click Edit.
3. Click the Services tab.
4. Under Name Service Switch, specify LDAP as the preferred name service switch source for the database types.
5. Click Save and Close.
LDAP is the primary source of user information for name services and name mapping on this SVM.

Give documentation feedback