Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

UCSManager (v.2.0(1s)) - Locales and Remotely Authenticated Users (AD)

Hello,

We recently added LDAP authentication to our UCS Manager (v2.0(1s)) and the binding of roles works and users are able to login using their AD accounts.  However, I was wondering if anyone knows how to assign a locale to a remotely authenticated user.  The option seems greyed out on my end.  There are a handful of people that only need to see their single blade and we don't want them to see the rest of our servers.

Thanks,

Everyone's tags (4)
4 REPLIES
Cisco Employee

UCSManager (v.2.0(1s)) - Locales and Remotely Authenticated User

Hello James,

Are those remote users assigned with one of the following roles ?

aaa

admin

operation

If yes, locale cannot be mapped to them as they have system access.

http://www.cisco.com/en/US/docs/unified_computing/ucs/sw/gui/config/guide/2.0/b_UCSM_GUI_Configuration_Guide_2_0_chapter_01001.html#concept_5D024749129F4B518E0C394637D34E8C

Padma

New Member

Re: UCSManager (v.2.0(1s)) - Locales and Remotely Authenticated

No they weren't part of those groups.  I see where I went wrong: the mappings I made didn't include the locale, only the roles section.

However, I noticed another issue.  Anyone that is in the base OU and below is allowed access to UCS Manager.  Even if they are NOT apart of a UCS mapping, they get read-only access and see everything.  Is there a way to deny all access unless a user is specifically apart of a group in AD that is mapped to a role in UCS Manager?

Lets say I have a blade on chassis 1 slot 6.  I want a user in AD to only see and have access to that blade.  Nothing else.  Is that possible?

Thank you in advance for any help.

Cisco Employee

UCSManager (v.2.0(1s)) - Locales and Remotely Authenticated User

James,

It is not possible to restrict user to view only the blades that  are mapped under configured locale.

On a side note, a user not mapped to any roles in UCSM can be denied access to UCSM.

http://www.cisco.com/en/US/docs/unified_computing/ucs/sw/gui/config/guide/2.0/b_UCSM_GUI_Configuration_Guide_2_0_chapter_0111.html#concept_7148E6B8D176423394C1227B48EDFEDE

Padma

New Member

UCSManager (v.2.0(1s)) - Locales and Remotely Authenticated User

Ahh, there we go, perfect!

I guess it should be OK for them to view the other aspects of our environment.  Thank you very much Padma!

756
Views
0
Helpful
4
Replies
CreatePlease to create content