The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Contents
First, all groups which the user is directly a member of will be retrieved. Then, for each of these groups, their ancestor groups are traversed. The recursion continues until the top- level group is reached.
No. Cisco UCS Manager only supports password-based authentication.
Currently there are no known limitations to the size of an AD instance for plain user authentication, although the filter value limits the search results to one or two. Cisco UCS Manager Release 1.3(x) and earlier allowed random filters, resulting in a large number of search results. In release 2.x, a validation is in place that prevents this.
If a user belongs to large number of first-level groups, the retrieval of those groups is limited by the memory available for the UCS Manager LDAP client. UCS Manager processes only those groups that have been configured with roles and/or locales and discards all other groups.
The maximum number of groups that the user can be member of is 32. This is consistent with the number of group-to-role mappings allowed in UCS Manager.
We have determined that user authentication is not dependent on AD size. We have tested the AD integration with users belonging to more than 120 groups, with each group name having 100 characters.