Configuring AD without TLS for object access
Configuring AD without TLS does not provide secured communication between the IBM Spectrum Scale™ system and the authentication server.
- Submit the mmuserauth service create command
as shown in the following example:
The system displays the following output:# mmuserauth service create --type ad --data-access-method object --user-name "cn=Administrator,cn=Users,dc=IBM,dc=local" --password "just4YOU" --base-dn "dc=IBM,DC=local" --ks-dns-name c40bbc2xn3 --ks-admin-user admin --servers myADserver --user-id-attrib cn --user-name-attrib sAMAccountName --user-objectclass organizationalPerson --user-dn "cn=Users,dc=IBM,dc=local" --ks-swift-user swift --ks-swift-pwd Passw0rd
Object configuration with LDAP (Active Directory) as identity backend is completed successfully. Object Authentication configuration completed successfully.
- To verify the authentication configuration, issue the mmuserauth
service list command as shown in the following example:
The system displays the following output:# mmuserauth service list
FILE access not configured PARAMETERS VALUES ------------------------------------------------- OBJECT access configuration: AD PARAMETERS VALUES ------------------------------------------------- ENABLE_ANONYMOUS_BIND false ENABLE_SERVER_TLS false ENABLE_KS_SSL false USER_NAME cn=Administrator,cn=Users,dc=IBM,dc=local SERVERS myADserver BASE_DN dc=IBM,DC=local USER_DN cn=users,dc=ibm,dc=local USER_OBJECTCLASS organizationalPerson USER_NAME_ATTRIB sAMAccountName USER_ID_ATTRIB cn USER_MAIL_ATTRIB mail USER_FILTER none ENABLE_KS_CASIGNING false KS_ADMIN_USER admin
Parent topic: Configuring an AD-based authentication for object access
Related reference: