[Freeipa-users] NetApp Filer with IPA?

Ondrej Valousek ondrejv at s3group.cz
Mon Dec 12 16:30:26 UTC 2011 

I wonder if the following simplified setup I am using with AD:

ldap.ADdomain                mydomain.com
ldap.enable                  on
ldap.nssmap.attribute.uniqueMember Member
ldap.nssmap.objectClass.groupOfUniqueNames Group
ldap.nssmap.objectClass.posixAccount User
ldap.nssmap.objectClass.posixGroup Group
ldap.rfc2307bis.enable       on

would also work with IPA domains. I understand this would require NetApp to somehow join the IPA domain creating normal computer account, 
but I like the fact that I do not have to specify ldap server manually - NetApp finds it via DNS. Given the fact that IPA NS structure is 
pretty much similar to AD, it should just work, but I haven't tried yet....

Other bonus would be the possibility of using Kerberized NFSv4 w/ Netapp.

Ondrej

On 12/12/2011 11:55 AM, Sigbjorn Lie wrote:
> Hi,
>
> I've used OnTAP 7.3.3 with IPA. Using LDAP lookups for users/groups and netgroups so far, using
> autenticated connections to the IPA LDAP server. Have not been able to get LDAPS working yet.
>
> I still have kerberos for NFSv4 left to configure.
>
> I used the following OnTAP config:
>
> options ldap.base dc=test,dc=local
> options ldap.base.group cn=groups,cn=compat,dc=test,dc=local
> options ldap.base.netgroup cn=ng,cn=compat,dc=test,dc=local
> options ldap.base.passwd cn=users,cn=accounts,dc=test,dc=local
> options ldap.servers ipa01.test.local
> options ldap.name uid=s-netapp,cn=users,cn=accounts,dc=test,dc=local
> options ldap.passwd passwordforbinduser
> options ldap.minimum_bind_level      simple
> options ldap.usermap.attribute.unixaccount uid
> options ldap.servers                 ipa01.test.local
> options ldap.port                    389
> options ldap.ssl.enable off
> options ldap.usermap.attribute.unixaccount uid
> options ldap.usermap.attribute.windowsaccount ntUserDomainId
> options ldap.enable on
>
>
> Regards,
> Siggi
>
>
>
>
> On Mon, December 12, 2011 07:07, Craig T wrote:
>> Hi,
>>
>>
>> Has anyone tried configuring a NetApp Fas 270 filer to work with IPA?
>> I had it working perfectly via LDAP auth with 389 Directory Server (No IPA config) earlier,
>> however I'm new to IPA and I'm not sure about the importance of being part of the "IPA REALM" for
>> a device that will just use LDAP auth?
>>
>> cya
>>
>> Craig
>>
>>
>> _______________________________________________
>> Freeipa-users mailing list
>> Freeipa-users at redhat.com
>> https://www.redhat.com/mailman/listinfo/freeipa-users
>>
>>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users


The information contained in this e-mail and in any attachments is confidential and is designated solely for the attention of the intended recipient(s). If you are not an intended recipient, you must not use, disclose, copy, distribute or retain this e-mail or any part thereof. If you have received this e-mail in error, please notify the sender by return e-mail and delete all copies of this e-mail from your computer system(s).
Please direct any additional queries to: communications at s3group.com.
Thank You.
Silicon and Software Systems Limited (S3 Group). Registered in Ireland no. 378073.
Registered Office: South County Business Park, Leopardstown, Dublin 18
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20111212/6639342a/attachment.htm>

More information about the Freeipa-users mailing list