You can use Identity and Access Control to configure the following:

idmapd configuration

The idmapd.conf configuration file consists of several sections, initiated by strings of the form [General] and [Mapping]. Each section may contain lines of the form. 

Parameter

Definition

Pipefs directory

LDAP server directory.

domain name

The local NFSv4 domain name. An NFSv4 domain is a namespace with a unique username<>UID and groupname<>GID mapping. (Default: Host's fully-qualified DNS domain name)

Nobody user

Local user name to be used when a mapping cannot be completed.

Nobody group

Local group name to be used when a mapping cannot be completed.


LDAP Server

LDAP Server enables the configuration of the fields of the LDAP configuration.

Buurst's SoftNAS provides support for NFSv4 Kerberos and LDAP Support, which enables multi-user security access rights to files and directories managed by the SoftNAS filer.

worddav306869f07558e6d3fb8625f723c17e86.png

OpenLDAP Server Configuration

LDAP Server configuration allows the establishment of a connection between OpenLDAP and domain users.


Parameter

Description

Root DN for LDAP database

The domain of the local domain controller that hosts the users.

The directory starts out completely empty, without even a root structure present. Initializing the directory with a root record and other supporting directory sub-structures (i.e., sub-directories) is required before adding any user data.

Administration login DN

By default, Active Directory does not allow anonymous LDAP connections. To change this, to enter the DN of a user that's allowed to connect to the server and read all user and group data. Unless a special user account has already been created for this purpose, an easy choice is to use the built-in administrator account. By default, the administrator DN is in the form cn=Administrator,dc=<Local Domain>.

Administration password

Existing Administration password.

New administration password

Create a new password for OpenLDAP directory management.

Indexes to cache

Number of indexes to cache to improve performance tuning for user lookups.

Database entries to cache

Number of database entries to cache to improve performance tuning for user lookups.

Access control options

Setting which determines access control setting between SoftNAS and the LDAP server.

Maximum number of search results

Max. number of search results for user lookups.

Maximum time for searches

Max. amount of time for user lookup searches.

Encryption Options

Encryption options enables generation of an SSL Certificate. It enables the creation of a self-signed certificate for the LDAP system.

worddav463b08abdb3bb544145692fb0da8125a.png

LDAP Access Control

This is where you can grant different access permissions on a per Object basis.

worddav8bc0642d144c7ffabae4bb749a29da3d.png

Manage LDAP Schema

The LDAP schema determines which object classes and attributes can be stored in the LDAP database. This page allows administrators to decide which schema types are supported by the server - but be careful de-selecting any entries that are used by existing objects.

Create Tree

This page provided a convenient way to create DN that will be the base of a new tree in the database. It can also create an example user or email alias under the tree as an object template.


Parameter

Description

Name for new DN

Name of the new Domain name to be created.

Create example object under new DN?

Setting which determines if a new object will be created under the newly created tree.

One of the following:

  • Unix user
  • Unix user with mail
  • Unix group
  • Address mapping