You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/hpc-cache/directory-services.md
+12-6Lines changed: 12 additions & 6 deletions
Original file line number
Diff line number
Diff line change
@@ -4,7 +4,7 @@ description: How to configure directory services for client access to storage ta
4
4
author: ekpgh
5
5
ms.service: hpc-cache
6
6
ms.topic: how-to
7
-
ms.date: 12/21/2020
7
+
ms.date: 12/22/2020
8
8
ms.author: v-erkel
9
9
---
10
10
@@ -21,9 +21,11 @@ After you click the button to enable extended groups, you must choose the source
21
21
*[LDAP](#configure-ldap) - Get credentials from a Lightweight Directory Access Protocol (LDAP)-compatible source.
22
22
23
23
> [!NOTE]
24
-
> Make sure that your cache can access its group information source from inside its secure subnetwork.<!--Provide a < what? >-->
24
+
> Make sure that your cache can access its group information source from inside its secure subnetwork.<!--+ details/examples-->
25
25
26
-
26
+
The **Username downloaded** field shows the status of the most recent group information download.
27
+
28
+
27
29
28
30
## Configure Active Directory
29
31
@@ -39,28 +41,32 @@ Under **Active directory details**, supply these values:
39
41
40
42
***Cache server name (computer account)** - Set the name that will be assigned to this HPC cache when it joins the AD domain. Specify a name that is easy to recognize as this cache. The name can be up to 15 characters long and can include capital or lowercase letters, numbers, hyphens (-), and underscores (_).
41
43
42
-
In the **Credentials** section, provide an AD administrator username and password that the Azure HPC Cache can use to access the AD server. This information is encrypted when stored, and can't be queried.
44
+
*In the **Credentials** section, provide an AD administrator username and password that the Azure HPC Cache can use to access the AD server. This information is encrypted when stored, and can't be queried.
43
45
44
46
Save the settings by clicking the button at the top of the page.
45
47
48
+
49
+
46
50
## Configure file download
47
51
48
52
These values are required if you want to download files with your user and group information. The files must be in the standard Linux/UNIX `/etc/group` and `/etc/passwrd` format.
49
53
50
54
***User file URI** - Enter the complete URI for the `/etc/passwrd` file.
51
55
***Group file URI** - Enter the complete URI for the `/etc/group` file.
52
56
57
+
58
+
53
59
## Configure LDAP
54
60
55
61
Fill in these values if you want to use a non-AD LDAP source to get user and group credentials. Check with your LDAP administrator if you need help with these values.
56
62
57
63
***LDAP server** - Enter the fully qualified domain name or the IP address of the LDAP server to use. <!-- only one, not up to 3 -->
58
64
59
-
***LDAP base DN** - Specify the base distinguished name for the LDAP domain, in DN format. <!-- xxx we specify base DN here but bind DN only if there's encryption? xxx LDAP queries are performed on the base DN, the DN of the entry, and all entries below it in the directory tree. -->Ask your LDAP administrator if you don’t know your base DN.
65
+
***LDAP base DN** - Specify the base distinguished name for the LDAP domain, in DN format. Ask your LDAP administrator if you don’t know your base DN.
60
66
61
67
The server and base DN are the only required settings to make LDAP work, but the additional options make your connection more secure.
62
68
63
-
69
+
64
70
65
71
In the **Secure access** section, you can enable encryption and certificate validation for the LDAP connection. After you click **Yes** to enable encryption, you have these options:
0 commit comments