Adding users from external LDAP to system operation
You need to add user IDs from your external directory to the system groups of Cloud Pak for Data System, so that they can connect to system console and
perform system operations just like apadmin
.
About this task
There are two groups defined in the local LDAP server where user IDs can be added:
ibmapsysadmins
: Members of this group can operate with privileges ofapadmin
and can execute many commands with sudo privileges.ibmapsysusers
: Members of this group are considered common users.
ap_external_ldap useradd -h
usage: ap_external_ldap useradd [-h] -u USERNAME -d DISPLAYNAME -g {2001,2002}
-e EMAIL
optional arguments:
-h, --help show this help message and exit
-u USERNAME, --user USERNAME
username from LDAP or Active Directory server
-d DISPLAYNAME, --displayname DISPLAYNAME
displayName of user from LDAP or Active Directory
server
-g {2001,2002}, --groupid {2001,2002}
platform groupid: 2001 for ibmapsysadmins, 2002 for
ibmapsysusers
-e EMAIL, --email EMAIL
email of user from LDAP or Active Directory server
Following are the steps to add a user user1
from your LDAP directory to system
OS group ibmapsysadmins
.
Procedure
Results
user1
has added to system operations with administrative
privileges.