ONTAP Discussions

LDAP configuration for multidomain environment

CENGIZ_OTUS

We have a Windows forest with 3 sub-domains. For example:

company.com (forest root domain)

a.company.com (sub domain)

b.company.com (sub domain)

c.company.com (sub domain)

All the user accounts and groups are on the sub-domains.

We have Linux systems and I have to configure the LDAP configuration on the NetApp filer.

My configuration works very well with only one domain. The NetApp filer can't search sub-domains.

"options ldap.ADdomain" is very critical. If it is empty, it can't find any user. If one domain is entered, it can find only users on that domain. ldap.ADdomain accepts only one entry.

I have used LDAP or Global Catalog servers from all domains but I can't find the correct configuration.

What is the solution for a sub-domain environment?

Regards.

3 REPLIES 3

CENGIZ_OTUS

This document (bullet 7.1.3) describes this limitation. But this document is old. Does the current release have the same limitation?

http://www.netapp.com/us/system/pdf-reader.aspx?m=tr-3458.pdf&cc=us

ahrensimmons

I'm having a similar issue. Were you ever able to resolve this?

CENGIZ_OTUS

Create an LDAP client configuration (netapp.com)

From the document above I found that the true value for referral-enabled makes it possible to search through subdomains.

This feature came with ONTAP 9.5, i.e.:

Beginning with ONTAP 9.5, this allows the ONTAP LDAP client to refer look-up requests to other LDAP servers if an LDAP referral response is returned by the primary LDAP server indicating that the desired records are present on referred LDAP servers. The default value is false.
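
A simplified model of the referral behaviour described in the last reply, added here as an illustration and not taken from the thread or from ONTAP: a client that ignores referrals sees only the server it asked, while one that follows them reaches the sub-domains. The hostnames, user names and the `server_search` and `lookup` helpers are constructed for the example; no real LDAP server is contacted.

```python
from urllib.parse import urlparse

# Constructed sample forest (hostnames are assumptions): each server holds
# its own naming context and refers searches for other contexts elsewhere.
SERVERS = {
    "dc.company.com": {
        "entries": {},
        "refs": ["ldap://dc.a.company.com/dc=a,dc=company,dc=com",
                 "ldap://dc.b.company.com/dc=b,dc=company,dc=com"],
    },
    "dc.a.company.com": {
        "entries": {"alice": "cn=alice,cn=Users,dc=a,dc=company,dc=com"},
        "refs": [],
    },
    "dc.b.company.com": {
        "entries": {"bob": "cn=bob,cn=Users,dc=b,dc=company,dc=com"},
        # Constructed misconfiguration: refers back to the root (a loop).
        "refs": ["ldap://dc.company.com/dc=company,dc=com"],
    },
}

def server_search(host, base, uid):
    """One server's reply: (DNs it holds under base, referral URLs)."""
    srv = SERVERS[host]
    dns = [dn for name, dn in srv["entries"].items()
           if name == uid and dn.lower().endswith(base.lower())]
    return dns, list(srv["refs"])

def lookup(host, base, uid, referral_enabled=False, max_hops=5):
    """Resolve uid starting at host; chase referrals only when enabled."""
    found, visited, queue = [], set(), [(host, base, 0)]
    while queue:
        h, b, hops = queue.pop(0)
        if (h, b) in visited or hops > max_hops:
            continue  # already asked this server, or too many hops
        visited.add((h, b))
        dns, refs = server_search(h, b, uid)
        found.extend(dns)
        if not referral_enabled:
            break  # referrals are returned by the server but ignored
        for url in refs:
            u = urlparse(url)
            queue.append((u.hostname, u.path.lstrip("/"), hops + 1))
    return found

if __name__ == "__main__":
    for flag in (False, True):
        print(flag, lookup("dc.company.com", "dc=company,dc=com", "bob", flag))
```

The visited set and hop limit keep a referral that points back at an earlier server from causing an endless lookup.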
