This section explains how to use the qq ldap_set_settings command.

Description

Set settings for LDAP interaction

Usage

qq ldap_set_settings [-h] --use-ldap {false,true} --bind-uri BIND_URI --base-dn BASE_DN [--bind-username BIND_USERNAME] [--bind-password BIND_PASSWORD] [--encrypt-connection {false,true}] [--rfc2307]
    [--custom-group-member-attribute CUSTOM_GROUP_MEMBER_ATTRIBUTE] [--custom-user-group-identifier-attribute CUSTOM_USER_GROUP_IDENTIFIER_ATTRIBUTE] [--custom-login-name-attribute CUSTOM_LOGIN_NAME_ATTRIBUTE]
    [--custom-group-name-attribute CUSTOM_GROUP_NAME_ATTRIBUTE] [--custom-user-object-class CUSTOM_USER_OBJECT_CLASS] [--custom-group-object-class CUSTOM_GROUP_OBJECT_CLASS]
    [--custom-uid-number-attribute CUSTOM_UID_NUMBER_ATTRIBUTE] [--custom-gid-number-attribute CUSTOM_GID_NUMBER_ATTRIBUTE]

Flags

Flag Name Required Description
--use-ldap Yes Whether or not to enable the use of the LDAP server on the cluster.
--bind-uri Yes LDAP URI used to bind. Example: ldap://ldap-server.example.com
--base-dn Yes Base DNs (Distinguished Names). Separate multiple DNs using semicolons. Example: dc=account,dc=example,dc=com
--bind-username No Binding users's DN. Default is empty.
--bind-password No Password for simple authentication against LDAP server. If not specified, will use password that is currently stored on disk.
--encrypt-connection No If true, LDAP connection must be encrypted using TLS. Default is true.
--rfc2307 No Use the standard schema defined in RFC2307. Cannot be combined with any custom schema arguments.
--custom-group-member-attribute No The attribute on a group object which contains references to the members in that group.
--custom-user-group-identifier-attribute No The attribute on a user that the value of the group_member_attribute on a group refers to.
--custom-login-name-attribute No The attribute on a user that identifies their login name.
--custom-group-name-attribute No The attribute on a group that identifies their name.
--custom-user-object-class No The class of user objects.
--custom-group-object-class No The class of group objects.
--custom-uid-number-attribute No The attribute on a user that identifies their uid number.
--custom-gid-number-attribute No The attribute on an object that identifies their gid number.