Switches, Hubs, and Modems
1748262 Members
3692 Online
108760 Solutions
New Discussion юеВ

Virtual Connect Flex-10 LDAP and DNS

 
Markku Leinio
Valued Contributor

Virtual Connect Flex-10 LDAP and DNS

Hi! I'm currently implementing LDAP authentication on Virtual Connect Flex-10 modules (firmware 3.01). The problem is not in LDAP configuration anymore but in DNS.

VC Manager only allows me to configure one LDAP Directory Server Address. The help says:

"The IP address or the DNS name of the domain of the directory service"

With IP address the authentication works fine, no problem. But obviously that is not redundant solution with only one IP address (without external solutions), so I would like to use the "DNS name of the domain" part.

However, "my.domain.name" does not work. The module does not know how to resolve the DNS name. Should I configure DNS servers somewhere in VC Manager? I can't find any place for that.

DNS settings have been configured in the Onboard Administrator, actually the LDAP server IP resolution is working there just fine (my.domain.name), it just selects one of the four IP addresses in the DNS response.

Is there something really obvious that I'm missing here?

Thanks for any help.
2 REPLIES 2
Markku Leinio
Valued Contributor

Re: Virtual Connect Flex-10 LDAP and DNS

Replying to myself: Apparently the VC module IP address configuration (with DNS settings) can be found somewhere in the Onboard Administrator. I have to check it on Monday.

I have read some manuals regarding the OA configuration, but I still struggle to understand the difference between EBIPA and static IP addresses, from the VC module point of view. Maybe it will clear out on Monday...

Markku
Markku Leinio
Valued Contributor

Re: Virtual Connect Flex-10 LDAP and DNS

Great, DNS works fine after adding the DNS server addresses in the Enclosure Bay IP Addressing screen in Onboard Administrator, for each bay. Very clear solution, I wonder how we missed that configuration screen on Friday.

Btw, LDAP settings are simply:

Directory Server: my.domain.name
Search Context 1: ou=OU_location_of_the_AD_group,dc=my,dc=domain,dc=name
Directory Group: name_of_the_AD_group

There are some inconsistencies in OA and VC LDAP configuration (like, OA does not like AD groups with number as the first character, for VC that is not a problem), but both are finally working fine.

Markku