ldapRBSModelCfg

There are two mechanisms to authenticate and authorize users on the MM when
using an LDAP-enabled server. The first mechanism (oldPermissionString), also
known as version 1, uses bitstrings to associate permissions to users and groups.
Version1 supports Active Directory, Novell eDirectory, and OPenLDAP based
servers.  The second mechanism (newRBSModel),  also known as version 2,
uses a new Role-Based-Security (RBS) model. This mechanism is only available
for Active Directory servers, and requires the use of a snap-in that runs on any
windows platform. This snap-in tool allows you to configure roles on an Active
Directory server of your choice, and to associate users/groups and MMs to those
roles. A role identifies the permissions given to users and groups associated with
that role, and also identifies the targets (e.g. MM) to which this role is attached.
The use of bitstrings in version 2 disappears, making the configuration much more
manageable and user-friendly. Note that if you are not using Active Directory, then
you should not enable version 2. Also note that before enabling version 2, you should
already have your roles configured on your Active Directory server. The old version 1
bitstring model cannot be automatically converted to the new version 2 model. This is
why you must configure your users and groups before enabling version 2. Once
enabled, the change takes effect immediately. The default value for this field is
oldPermissionString.

MIB

CME-MIB

OID

.1.3.6.1.4.1.2.3.51.2.4.9.3.6.20

Type

scalar

Access

readwrite

Status

mandatory

Parent

ldapClientCfg