Context
This is required to map an LDAP group to an Aerospike role (details available on the Access Control Guide page).Method
a) create a CN group file with for the aerospike role name:
This file would create a group on the ldap server with the name of an Aerospike role (in this example, read-write-udf). Same procedure could be used to create CN groups for any custom Aerospike roles.
cat read-write-udf.ldif dn: cn=read-write-udf,dc=field,dc=aerospike,dc=com objectClass: top objectClass: posixGroup gidNumber: 680
b) Use ldapadd command to create the group:
ldapadd -x -w admin -D "cn=admin,dc=field,dc=aerospike,dc=com" -f read-write-udf.ldif
c) create a file to map username(s) to the CN group:
cat modify.ldif dn: cn=read-write-udf,dc=field,dc=aerospike,dc=com changetype: modify add: memberuid memberuid: aerospike
d) Modify the LDAP group and associate a username:
ldapmodify -x -w admin -D "cn=admin,dc=field,dc=aerospike,dc=com" -f modify.ldif