ldap configuration for multidomain envirement

CENGIZ_OTUS · ‎2013-10-24

We have windows forest with 3 sub-domain. For example:

company.com (forest root domain)

a.company.com (sub domain)

b.company.com (sub domain)

c.company.com (sub domain)

All the user accounts and groups are on the sub domains.

We have Linux systems and I have to configure ldap configuration on NetApp filer.

My configuration works very well with only one domain. NetApp filer cant search sub-domains.

"options ldap.ADdomain" is very critical. if empty, it cant find any user. if entered one domain, it can find only users on that domain. ldap.ADdomain accepts only one entry.

I have used ldap or Global catalog servers from all domains but I cant find correct configuration.

What is solution for sub-domain environment.

Regards.

CENGIZ_OTUS · ‎2013-10-31

This document (bullet 7.1.3) describes this limitation. But this document is old. Is the current release has the same limitation?

http://www.netapp.com/us/system/pdf-reader.aspx?m=tr-3458.pdf&cc=us

ahrensimmons · ‎2015-06-12

I'm having a similar issue. were you ever able to resolve this?

CENGIZ_OTUS · ‎2023-10-13

Create an LDAP client configuration (netapp.com)

From the document above I found that with the true value for referral-enabled makes it possible to search through subdomains

This feature came with ontap 9.5 ie:

Beginning with ONTAP 9.5, this allows the ONTAP LDAP client to refer look-up requests to other LDAP servers if an LDAP referral response is returned by the primary LDAP server indicating that the desired records are present on referred LDAP servers. The default value is false.

ldap configuration for multidomain envirement

Portfolio Updates | NetApp ONAIR