New Member
Posts: 1
Registered: ‎07-16-2008

LDAP Configuration without a Schema Change

I am trying to configure LDAP on our FOS 6.4.2a switches, some of which are configured with Virtual Fabrics.

The issue I have is that the AD Administrators have no desire to make Schema changes, and in the Admin Guide that is listed as a step.

LDAP configuration and Microsoft Active Directory

(Fabric OS Administrator's Guide, v6.4 Page 111)

   Adding attributes to the Active Directory Schema

    To create a group in Active Directory, refer to or Microsoft documentation. You will need to verify that the schema has the following attributes:

        • Add a new attribute brcdAdVfData as Unicode String.

        • Add brcdAdVfData to the person’s properties.

The commands I know I need to run are:


ldapcfg --maprole BrocadeAdmin Admin

ldapcfg --maprole BrocadeUser User

ldapcfg --maprole BrocadeOperator Operator

ldapcfg --maprole BrocadeSwitchAdmin SwitchAdmin

aaaconfig --add -conf ldap -p 389 -d

aaaconfig --add -conf ldap -p 389 -d

aaaconfig --show

aaaconfig --authspec "ldap;local" -backup

aaaconfig --show

I have seen some blogs online where people talk about setting up AD/LDAP without mentioning a schema change.

Could someone please let me know if it is possible to configure AD/LDAP without needing Schema changes?

Also, if that is possible, when the roles are mapped, is it on all the Virtual Switches or just the FID you run it on?

I ask because there is another team that doesn't need access to half the Virtual Switches.

Thanks in advance.

Posts: 57
Registered: ‎08-12-2009

Re: LDAP Configuration without a Schema Change


There is currently no method available to implement AD/LDAP without a schema change. Brocade engineering is aware of this and a method will be made available in the near future.
