LDAP query settings

You can configure the entry point and depth at which to search for LDAP users, groups, and netgroups. You also can configure the settings for user home directory provisioning.

Note Image

OneFS is RFC 2307-compliant.

Base distinguished name
Specifies the base distinguished name (base DN) of the entry at which to start LDAP searches for user, group, or netgroup objects. Base DNs can include cn (Common Name), l (Locality), dc (Domain Component), ou (Organizational Unit), or other components. For example, dc=emc,dc=com is a base DN for emc.com.
Search scope
Specifies the depth from the base DN at which to perform LDAP searches. The following values are valid:
Default
Applies the search scope that is defined in the default query settings. This option is not available for the default query search scope.
Base
Searches only the entry at the base DN.
One-level
Searches all entries exactly one level below the base DN.
Subtree
Searches the base DN and all entries below it.
Children
Searches all entries below the base DN, excluding the base DN itself.
Search timeout
Specifies the number of seconds after which to stop retrying and fail a search. The default value is 100. This setting is available only in the default query settings.
Query filter
Specifies the LDAP filter for user, group, or netgroup objects. This setting is not available in the default query settings.
Authenticate users from this LDAP provider
Specifies whether to allow the provider to respond to authentication requests. This setting is available only in the user query settings.
Home directory naming template
Specifies the path to use as a template for naming home directories. The path must begin with /ifs and can contain variables, such as %U, that are expanded to generate the home directory path for the user. This setting is available only in the user query settings.
Automatically create user home directories on first login
Specifies whether to create a home directory the first time a user logs in, if a home directory does not exist for the user. This setting is available only in the user query settings.
UNIX shell
Specifies the path to the user's login shell, for users who access the file system through SSH. This setting is available only in the user query settings.