This topic explains how to validate that the Active Directory and SAN File System configurations are set correctly.
ldapsearch –h ldap://LDAP_SERVER/ –w 'password” –D “LDAP_USER” -x –b “LDAP_BASEDN_ROLES” '(objectclass=group)'On the SAN File System engine, this command uses the LDAP_USER login as described earlier to list all group objects on the domain server, LDAP_ SERVER, that match a LDAP_BASEDN_ROLES object. Based on our example, the command might be:
ldapsearch -h ldap://128.47.79.140/ -w “password” -D “cn=LDAP_Admin,cn=Users,dc=sanfsdom,dc=net” -x -b “cn=Users,dc=sanfsdom,dc=net” '(objectclass=group)'Here is an example of the output of the command with the details of other groups removed:
CN=SANFS_Admins,CN=Users,DC=sanfsdom,DC=net member=CN=newuser1,CN=Users,DC=sanfsdom,DC=net member=CN=IFTEST_USER,CN=Users,DC=sanfsdom,DC=net member=CN=stuser,CN=Users,DC=sanfsdom,DC=net member=CN=root,CN=Users,DC=sanfsdom,DC=net info=This global security group designates users who have SANFS Administrator authorization. cn=SANFS_Admins description=Administrator groupType=-2147483646 instanceType=4 distinguishedName=CN=SANFS_Admins,CN=Users,DC=sanfsdom,DC=net objectCategory=CN=Group,CN=Schema,CN=Configuration, DC=sanfsdom,DC=net objectClass=top objectClass=group objectGUID=NOT ASCII objectSid=NOT ASCII name=SANFS_Admins sAMAccountName=SANFS_Admins sAMAccountType=268435456 uSNChanged=2756 uSNCreated=2744 whenChanged=20031106013743.0Z whenCreated=20031106005502.0Z CN=SANFS_Operators,CN=Users,DC=sanfsdom,DC=net cn=SANFS_Operators groupType=-2147483646 instanceType=4 distinguishedName=CN=SANFS_Operators,CN=Users,DC=sanfsdom,D C=net objectCategory=CN=Group,CN=Schema,CN=Configuration,DC=sanfs dom,DC=net objectClass=top objectClass=group objectGUID=NOT ASCII objectSid=NOT ASCII name=SANFS_Operators sAMAccountName=SANFS_Operators sAMAccountType=268435456 uSNChanged=2787 uSNCreated=2785 whenChanged=20031106145326.0Z whenCreated=20031106145326.0Z
Parent topic: Configuring LDAP using Microsoft Active Directory LDAP
Previous topic: Configuring SAN File System to use Active Directory