IBM Tivoli Storage Manager, Version 7.1

SET LDAPUSER (Define the server administrator for the LDAP directory server)

Use this command to specify the ID of a user or account that can conduct IBM® Tivoli® Storage Manager administrative operations when accessing the LDAP directory server. The user ID must have access to the base distinguished name (Base DN) on the LDAP directory server.

This command determines which ID issues administrative operations, such as resetting node passwords or entering user accounts, on the LDAP directory server. You must grant Base DN access to the LDAPUSER. The ID that is defined in the SET LDAPUSER command must be able to create, delete, and modify objects under the Base DN.

To change the LDAPUSER, reissue the SET LDAPUSER command.

Privilege class

To issue this command you must have system privilege.

Syntax

Read syntax diagramSkip visual syntax diagram
>>-Set LDAPUser--ldap_user_dn----------------------------------><

Parameters

ldap_user_dn
Specifies the user DN that is used when the Tivoli Storage Manager server needs to issue administrative commands to the Tivoli Storage Manager namespace on the LDAP directory server. If the user DN contains spaces or equal signs (=), surround the entire DN with quotation marks. The maximum length of the DN is 256 characters.
If you do not know the DN when you enter the SET LDAPUSER command, contact your LDAP administrator. If you use Microsoft Active Directory, you can determine the DN by using one of the following methods:
Base your query on the name attribute
Issue the dsquery user -name tsmuser command.
Base your query on the user principal name (UPN)
Issue the dsquery user -upn tsmuser@tsmdev.storage.tucson.ibm.com command.
Base your query on the SAM account name
dsquery user -samid tsmuser
For more information about Tivoli Directory Server and defining the DN, visit the following web site and search for distinguished names (DNs): http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/com.ibm.IBMDS.doc/welcome.htm.

Example: Define the LDAPUSER gnuthium

set ldapuser "cn=gnuthium,ou=manufacturing,o=ibm,c=us"
This command sets the user DN with a common name (cn) of gnuthium, with organizational unit (ou) as manufacturing, organization (o) as IBM, and country (c) as the United States.
Important: Contain your user DN within single or double quotation marks.

Related commands

Table 1. Commands related to SET LDAPUSER
Command Description
AUDIT LDAPDIRECTORY Audit an IBM Tivoli Storage Manager-controlled namespace on an LDAP directory server.
SET DEFAULTAUTHENTICATION Specifies the default password authentication method for any REGISTER NODE or REGISTER ADMIN commands.
SET LDAPPASSWORD Sets the password for the LDAPUSER.
Parent topic: SET commands
Related information:
Setting up an LDAP server to store passwords

Feedback