New HPOVLdapDirectory - HewlettPackard/POSH-HPEOneView GitHub Wiki

HPE OneView 4.10 Library

New-HPOVLdapDirectory

Add a new Directory for Authentication

SYNTAX

New-HPOVLdapDirectory [-Name] <String>[ [-AD] <SwitchParameter>] [-BaseDN] <String> [-Servers] <Array> [-Username] <String> [-Password] <SecureString>[ [-Credential] <PSCredential>][ [-ServiceAccount] <SwitchParameter>] [-ApplianceConnection] <Object> [<CommonParameters>]

New-HPOVLdapDirectory [-Name] <String>[ [-OpenLDAP] <SwitchParameter>] [-BaseDN] <String> [-OrganizationalUnits] <Array> [-Servers] <Array>[ [-UserNamingAttribute] <string>] [-Username] <String> [-Password] <SecureString>[ [-Credential] <PSCredential>][ [-ServiceAccount] <SwitchParameter>] [-ApplianceConnection] <Object> [<CommonParameters>]

Detailed Description

This cmdlet will create a new Directory for appliance authentication. HPE OneView currently supports either Active Directory or LDAP (e.g. OpenLDAP) for user authentication. The New-HPOVLdapServer cmdlet is used to assist defining directory servers address, public SSL certificate and LDAP over SSL TCP port.

Parameters

-AD <SwitchParameter>

Using Active Directory, which sets the authProtocol to AD and userNameField to CN

Aliases	None
Required?	false
Position?	named
Default value	False
Accept pipeline input?	false
Accept wildcard characters?	False

-ApplianceConnection <Object>

Aliases [-Appliance]

Specify one or more HPOneView.Appliance.Connection object(s) or Name property value(s).

Default Value: ${Global:ConnectedSessions} | ? Default

Aliases	Appliance
Required?	true
Position?	named
Default value	(${Global:ConnectedSessions} \| ? Default)
Accept pipeline input?	false
Accept wildcard characters?	False

-BaseDN <String>

Aliases [-Root, -RootDN]

Directory Base DN (E.g. dc=domian,dc=local)

Aliases	root, rootdn
Required?	true
Position?	named
Default value
Accept pipeline input?	false
Accept wildcard characters?	False

-Credential <PSCredential>

Use this parameter if you want to provide a PSCredential object instead.

Aliases	None
Required?	False
Position?	named
Default value
Accept pipeline input?	true (ByValue)
Accept wildcard characters?	False

-Name <String>

Directory name to add. Does not need to match LDAP/AD Directory Name, but should.

Aliases	None
Required?	true
Position?	named
Default value
Accept pipeline input?	false
Accept wildcard characters?	False

-OpenLDAP <SwitchParameter>

Aliases [-LDAP]

Using LDAP (i.e. OpenLDAP), which sets the authProtocol to LDAP and userNameField to UID

Aliases	LDAP
Required?	false
Position?	named
Default value	False
Accept pipeline input?	false
Accept wildcard characters?	False

-OrganizationalUnits <Array>

OpenLDAP OU"s to begin search for Directory Group and User Account authentication. E.g. ou=admins,ou=contoso

Aliases	None
Required?	true
Position?	named
Default value
Accept pipeline input?	false
Accept wildcard characters?	False

-Password <SecureString>

Aliases [-p, -pass] Directory Username password.

Aliases	p, pass
Required?	true
Position?	named
Default value
Accept pipeline input?	false
Accept wildcard characters?	False

-Servers <Array>

Array of Directory Servers and their settings. Must include the following:

* Server Name (FQDN or IP)
* Public SSL Certificate
* SSL Port, if not default 636

Aliases	None
Required?	true
Position?	named
Default value
Accept pipeline input?	false
Accept wildcard characters?	False

-ServiceAccount <SwitchParameter>

Use to indicate the provided credential is a Service Account. Required for when configuring an Active Directory auth directory for two-factor authentication.

Aliases	None
Required?	False
Position?	named
Default value
Accept pipeline input?	false
Accept wildcard characters?	False

-UserNamingAttribute <string>

Specify the naming attribute for OpenLDAP directories. Allowed values: * CN * UID Default Value: CN

Aliases	None
Required?	false
Position?	named
Default value	CN
Accept pipeline input?	false
Accept wildcard characters?	False

-Username <String>

Aliases [-u, -user] Directory Username to authenticate with.

Aliases	u, user
Required?	true
Position?	named
Default value
Accept pipeline input?	false
Accept wildcard characters?	False

This cmdlet supports the common parameters: Verbose, Debug, ErrorAction, ErrorVariable, WarningAction, WarningVariable, OutBuffer, PipelineVariable, and OutVariable. For more information, see about_CommonParameters (http://go.microsoft.com/fwlink/?LinkID=113216)

Input Types

System.Security.SecureString

Account Password that will be used to validate the directory

Return Values

System.Management.Automation.PSCustomObject

Configured Authentication Directory

System.Collections.ArrayList

Multiple configured Authentication Directories

Examples

-------------------------- EXAMPLE 1 --------------------------

$ServerA,$ServerB = servera.domain.com,serverb.domain.com | New-HPOVLdapServer New-HPOVLdapDirectory -name Domain1 -AD -basedn "dc=domain,dc=com" -servers $ServerA,$ServerB -Username [email protected]

Add a new directory with two directory servers, and be prompted for your directory account password.

-------------------------- EXAMPLE 2 --------------------------

$ServerA = New-HPOVLdapServer -Name contoso.com New-HPOVLdapDirectory -name Domain1 -AD -basedn "dc=domain,dc=com" -servers $ServerA -Username [email protected] -ServiceAccount

Add a new Active Directory authentication directory, using SRV domain name, and specify to use the account as a service account.

HPE OneView 4.00 Library