Configuring LDAP Groups
Creating an LDAP group
The Create LDAPGroup command creates an LDAP group.
To create an LDAP group:
At the Sentry: prompt, type create ldapgroup, optionally followed by a 1-16 character group name
(Spaces are not allowed, and LDAP group names are not case sensitive). Press Enter.
Example
The following command creates the LDAP group PowerUser:
Sentry: create ldapgroup PowerUser<Enter>
Removing an LDAP group
The Remove LDAPGroup command removes an LDAP group.
To remove an LDAP group:
At the Sentry: prompt, type remove ldapgroup, optionally followed by a group name. Press Enter.
Setting LDAP group access level privileges
The Set LDAPGroup Access command sets the access level privileges for an LDAP group. The Sentry
has four defined access privilege levels; Admin, User, On-Only and View-Only. For more information
on user access levels, see Changing a user’s access privilege level: on page 17.
To set the access level privilege for an LDAP group :
At the Sentry: prompt, type set ldapgroup access, followed by admin, user, ononly or viewonly,
optionally followed by a LDAP group name and press Enter.
Examples
The following command sets the LDAP group access level for LDAPAdmin to Admin:
Sentry: set ldapgroup access admin ldapadmin<Enter>
The following command sets the LDAP group access level for PowerUser to User:
Sentry: set ldapgroup access user poweruser<Enter>
Granting and removing input status viewing privileges
The Set LDAPGroup Envmon command grants or removes input status viewing privileges to/from an
LDAP group.
To grant or remove input status viewing privileges for an LDAP group:
At the Sentry: prompt, type set ldapgroup envmon followed by on or off, optionally followed by a
group name and press Enter.
Example
The following command grants intput status viewing privileges to the LDAP group PowerUser:
Sentry: set ldapgroup envmon on poweruser<Enter>
Sentry PT22 Advanced Operations • 59
Installation and Operations Manual