Setting Up the User List File with the LDAP Import Utility
To help reduce the amount of work involved in setting up concurrent or named user licenses for large sites, the ELC can import a list of users from an LDAP server using the LDAP Import Utility. Both OpenLDAP and Windows Active Directory servers can be queried using this feature. If you have any questions on what values to use with command-line arguments, please check with your LDAP server administrator.
To run the LDAP Import Utility
- To run the LDAP import utility, use the following command when the ELC is running:
elise cmd ldapimport -identifier -server <ldap server hostname> -type <FLOATING|NAMED>
[-port <ldap server port>][-user <user DN>] [-pass <user password>]
[-base <base DN for search>][-filter <filter for search>]
[-mode <overwrite|append>] [-maxborrow <borrowtime>]
The following table lists the required and optional arguments for the LDAP Import utility.
Required arguments for the LDAP Import Utility
||The product identifier. This is located in your readme.txt file.|
||The hostname of the LDAP server from which users are imported. This can be either an OpenLDAP or Microsoft Active Directory LDAP server.|
||The type of license to enable for the imported users. Users are added to the user list for a particular license type and product identifier.|
||The port of the LDAP server from which users are imported. The standard LDAP port of 389 is used if no port is specified. To search the entire domain tree of an active directory server, use port 3268.|
|| The User DN for the LDAP user which are running the search. Some servers may allow anonymous searches. An anonymous search is attempted if the |
||The password for the User DN provided in the -user argument.|
||The base DN used for the search. A default base for the particular server type detected is used if this is not set.|
|| The filter used in the search. A default filter for the particular server type detected is used if this is not set. An LDAP search filter looks something like: |
||The mode for importing users into the user list. The overwrite argument replaces users in the file, overwriting the existing settings for the users imported. The append argument appends users to the end of the file. This is the default setting.|
||The maximum borrow time for the imported users. Time is specified using the format days:hours. Days are optional and hours are converted to days if greater than 1 day. This defaults to 0.|
After successfully executing the LDAP import command, examine the
userlist-concurrent.txt file and verify that the entries have the expected values. Once you are satisfied with the user list, you will need to restart the ELC to activate these users. If you are serving licenses for other products, you need to run the import per product, or edit the users in the text file.