This topic describes how to configure AD, LDAP, and DNS settings in the Cloud Storage Gateway console.

Background information

Active Directory (AD) and Lightweight Directory Access Protocol (LDAP) are standard application protocols used to query and change directory information. Select the AD or LDAP service that you want to join and configure the settings.

  • Version 1.0.36 and later allow you to configure AD, LDAP, and DNS settings in the Cloud Storage Gateway console.
  • You can join an AD domain only after you complete the DNS settings.
  • You can join either an AD or LDAP domain.
  • The permissions of the current AD domain user, LDAP user, and local user override each other, and whichever is configured last takes effect. After you join or leave an AD domain, or connect to or disconnect from an LDAP server, the user permissions configured in the CIFS share are automatically removed.
  • Currently, the AD feature supports 64-bit Windows Server 2016 Datacenter and Windows Server 2012 R2 Datacenter.
  • Currently, the LDAP feature supports 64-bit CentOS 7.4 with OpenLDAP 2.4.44.

Configure AD settings

  1. Log on to the CSG console.
  2. Go to the Gateway Cluster page, find the target file gateway, and then click the name of the gateway to go to the Share tab.
  3. On the AD/LDAP/DNS page, click Join AD.
  4. In the Join AD dialog box, set the following parameters and click OK.
    • Server IP: Enter the IP address of the AD server.
    • User Name: Enter the administrator username.
    • Password: Enter the administrator password.

    After the connection is established, the status of Joined under AD becomes Yes.

    Note: After you join the AD domain, the local user permissions configured in the SMB share are removed.

Configure LDAP settings

  1. Log on to the CSG console.
  2. Go to the Gateway Cluster page, find the target file gateway, and then click the name of the gateway to go to the Share tab.
  3. On the AD/LDAP/DNS page, click Establish Connection.
  4. In the Connect LDAP dialog box that appears, set the following parameters and click OK.
    • Server IP: Enter the IP address of the LDAP server, which is the directory system agent.
    • Support TLS: Specify the method used by the system to communicate with the LDAP server.
    • Base DN: Specify the LDAP domain, for example, dc=iftdomain, or dc=ift.local.
    • Root DN: Specify the root DN, for example, cn=admin, dc=iftdomain, or dc=ift.local.
    • Password: Enter the password of the root directory.

    After the connection is established, the status of Joined under LDAP becomes Yes.

    Note: After you join the LDAP domain, the local user permissions configured in the SMB share are removed.
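
The values for the Connect LDAP dialog box can be checked before they are entered. The following Python check is an added example, not part of the CSG product or its documentation; the function names and sample values are constructed, and it assumes that the Root DN sits under the Base DN (the usual OpenLDAP layout) and that the gateway binds with the Root DN and password.

```python
import ipaddress
import re

def split_rdns(dn):
    """Split a string DN on unescaped commas (RFC 4514 backslash escapes)."""
    parts, cur, esc = [], [], False
    for ch in dn:
        if ch == "," and not esc:
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        esc = (ch == "\\") and not esc
    parts.append("".join(cur))
    return parts

def parse_dn(dn):
    """Return normalised (attr, value) pairs; raise ValueError if an RDN is malformed.
    Simplified: single-valued RDNs, values compared case-insensitively."""
    rdns = []
    for part in split_rdns(dn):
        attr, sep, value = part.partition("=")
        attr, value = attr.strip(), value.strip()
        if not sep or not value or not re.fullmatch(r"[A-Za-z][A-Za-z0-9-]*|\d+(\.\d+)*", attr):
            raise ValueError(f"malformed RDN {part!r} in DN {dn!r}")
        rdns.append((attr.lower(), value.lower()))
    return rdns

def preflight(server_ip, use_tls, base_dn, root_dn):
    """Return a list of findings for the dialog values; an empty list means none."""
    findings = []
    try:
        ipaddress.ip_address(server_ip)
    except ValueError:
        findings.append("Server IP is not a valid IP address")
    try:
        base, root = parse_dn(base_dn), parse_dn(root_dn)
    except ValueError as exc:
        findings.append(str(exc))
    else:
        # Assumption: the Root DN is an entry below the Base DN.
        if len(root) <= len(base) or root[-len(base):] != base:
            findings.append("Root DN is not an entry under Base DN")
    if not use_tls:
        # Assumption: simple bind, so the password is sent unencrypted without TLS.
        findings.append("TLS is off: the Root DN password crosses the network in cleartext")
    return findings

if __name__ == "__main__":
    # Constructed sample values (documentation address range and example domain).
    for f in preflight("192.0.2.10", False, "dc=example,dc=com", "cn=admin,dc=example,dc=com"):
        print("WARN:", f)
```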

Other supported operations

On the AD/LDAP/DNS page, you can also perform the following operations.

| Operation | Description |
| --- | --- |
| Terminate the AD connection | Under AD, click Close the connection. |
| Terminate the LDAP connection | Under LDAP, click Close the connection. |
| Change DNS servers | Click Update DNS and change DNS server IP addresses. |