Associate the LDAP client configuration with SVMs

Contributors

To enable LDAP on an SVM, you must use the vserver services name-service ldap create command to associate an LDAP client configuration with the SVM.

What you’ll need
  • An LDAP domain must already exist within the network and must be accessible to the cluster that the SVM is located on.

  • An LDAP client configuration must exist on the SVM.

Steps
  1. Enable LDAP on the SVM:

    vserver services name-service ldap create -vserver vserver_name -client-config client_config_name

    Note

    Starting in ONTAP 9.2, the vserver services name-service ldap create command performs an automatic configuration validation and reports an error message if ONTAP is unable to contact the name server.

    The following command enables LDAP on the "vs1"SVM and configures it to use the "ldap1" LDAP client configuration:

    cluster1::> vserver services name-service ldap create -vserver vs1 -client-config ldap1 -client-enabled true
  2. Validate the status of the name servers by using the vserver services name-service ldap check command.

    The following command validates LDAP servers on the SVM vs1.

    cluster1::> vserver services name-service ldap check -vserver vs1
    
    | Vserver: vs1                                                |
    | Client Configuration Name: c1                               |
    | LDAP Status: up                                             |
    | LDAP Status Details: Successfully connected to LDAP server "10.11.12.13".                                              |

    The name service check command is available starting in ONTAP 9.2.