8.8. LDAP directory module

Deployment — Kubernetes & UCS appliance

The Policies management module appears in both deployments.

Nubus offers the LDAP directory management module in the Management UI. The LDAP directory management module, as shown in Fig. 8.7, allows functional administrators to browse through the LDAP directory and its objects. You can create, modify, or delete objects through the management module. Most object types have predefined management modules. However, some object types cover advanced settings. You can only reach those advanced settings through the LDAP directory management module, for example User account templates.

Fig. 8.7 Navigating the LDAP directory

8.8.1. Manage directory objects

The left side of the module shows the LDAP directory as a tree structure. You can hide or show elements in the tree through the arrow icons.

When you click an element in the tree structure, the LDAP directory management module switches to its LDAP position and shows the objects on the right side. Use the Type selection list to limit the shown objects to a selected object type.

To add an object to the selected LDAP position, click Add. Similar to the following management modules, you can edit, delete, or move directory objects here:

• User management

• Domain management

• Device Management

Fig. 8.8 shows the directory tree structure with the available actions. Right-clicking an element in the tree structure allows editing the properties of the container or the LDAP base through the Edit action.

Fig. 8.8 Editing LDAP container settings

8.8.2. User-defined LDAP structures

LDAP directory services use containers (CN) and organizational units (OU) to structure the data. There is no technical difference between the two types, just in their application:

• Organizational units usually represent real, existing units such as a department in a company or an institution.

• Containers commonly represent logical or fictitious units, such as all the computers within a company.

You can manage containers and organizational units in the LDAP directory management module. To create them, click Add and either select the type Container: Container or Container: Organisational unit. In principle, you can add containers and organizational units at any position in the directory structure. However, you can’t create organizational units inside containers.

The following reference describes the fields for creating containers or organizational units:

• General tab - LDAP directory

• Advanced settings tab - LDAP directory

• Policies tab - LDAP directory

8.8.2.1. General tab - LDAP directory

Name

The name for the container or organizational unit.

Description

A description for the container or organizational unit.

8.8.2.2. Advanced settings tab - LDAP directory

Add to standard [object type] containers

If activated, Nubus considers the container or organizational unit a standard container for a certain object type.

For example, if a container has the type for the standard user container, Nubus shows the container in the user search and in the user create forms.

8.8.2.3. Policies tab - LDAP directory

For information about assigning policies, see Assign policies.