Changing ldap server parameters, Removing an ldap server, Importing an ldap ca certificate – Brocade Network OS Administrator’s Guide v4.1.1 User Manual


1. In privileged EXEC mode, use the configure terminal command to enter global configuration mode.

switch# configure terminal

Entering configuration mode terminal

2. Use the ldap-server host command to set the parameters for the LDAP server.

This command places you into the ldap-server configuration submode where you can modify the
server default settings.

switch(config)# ldap-server host 10.24.65.6 basedn sec.brocade.com port 3890

switch(config-ldap-server-10.24.65.6)#

3. Modify any settings, such as the domain name or retry limit, in this configuration mode (refer to the
preceding table).

switch(config-ldap-server-10.24.65.6)# basedn security.brocade.com

switch(config-ldap-server-10.24.65.6)# timeout 8

switch(config-ldap-server-10.24.65.6)# retries 3

4. Confirm the LDAP settings with the do show command.

Attributes holding default values are not displayed.

switch(config-ldap-server-10.24.65.6)# do show running-config ldap-server host 10.24.65.6
ldap-server host 10.24.65.6
 port 3890
 basedn security.brocade.com
 retries 3
 timeout 8
!

5. Use the exit command to return to the global configuration mode.

switch(config-ldap-server-10.24.65.6)# exit

6. Use the no ldap-server command to set an attribute back to the default value.

switch(config)# no ldap-server host 10.24.65.6 retries
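The stanza shown in step 4 can be checked against the values you meant to set, including the case where an attribute is missing because it holds its default (for example, after step 6). This Python sketch is an added example, not part of the Brocade guide; the function names, the INTENDED baseline and the AFTER_RESET sample (constructed to represent the output after step 6) are assumptions.

```python
# Added example: audit `show running-config ldap-server host` output.
# SHOWN is the output from step 4; AFTER_RESET is constructed for illustration.
SHOWN = """\
ldap-server host 10.24.65.6
 port 3890
 basedn security.brocade.com
 retries 3
 timeout 8
!
"""
AFTER_RESET = SHOWN.replace(" retries 3\n", "")  # constructed: retries back at default

# Hypothetical baseline: the values the administrator intended to configure.
INTENDED = {"10.24.65.6": {"port": 3890, "basedn": "security.brocade.com",
                           "retries": 3, "timeout": 8}}

def parse_ldap_servers(text):
    """Return {host: {attribute: value}} from running-config text."""
    servers, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line == "!":                      # "!" closes the current stanza
            current = None
        elif line.startswith("ldap-server host "):
            current = servers.setdefault(line.split()[2], {})
        elif current is not None:
            key, _, value = line.partition(" ")
            current[key] = value.strip()
    return servers

def audit(text, intended):
    """List (host, attribute, problem) tuples; an empty list means no drift."""
    findings, servers = [], parse_ldap_servers(text)
    for host, want in intended.items():
        have = servers.get(host)
        if have is None:
            findings.append((host, "host", "not configured"))
            continue
        for key, value in want.items():
            if key not in have:
                # Attributes holding default values are not displayed.
                findings.append((host, key, "not shown, so it holds the default value"))
            elif have[key] != str(value):
                findings.append((host, key, f"is {have[key]}, expected {value}"))
    for host in sorted(servers.keys() - intended.keys()):
        findings.append((host, "host", "unexpected server entry"))
    return findings

if __name__ == "__main__":
    print(audit(SHOWN, INTENDED))
    print(audit(AFTER_RESET, INTENDED))
```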

Changing LDAP server parameters

Changing an LDAP server follows the same procedure as that noted for adding an LDAP server to the
client server list. Enter the host IP address or host name, then enter the new values as required. Refer
to Adding an LDAP server to the client server list on page 296.

switch# configure terminal

Entering configuration mode terminal

switch(config)# ldap-server host 10.24.65.6

switch(config-host-10.24.65.6)# domain security.brocade.com

Removing an LDAP server

The following example deletes an LDAP server entry from the switch LDAP server list.

1. In privileged EXEC mode, use the configure terminal command to enter global configuration mode.

switch# configure terminal

Entering configuration mode terminal

2. Use the no ldap-server command to delete the LDAP server.

switch(config)# no ldap-server host 10.24.65.6

Importing an LDAP CA certificate

This procedure imports the LDAP CA certificate from the remote host to the switch.

1. Connect to the switch and log in using an account with admin role permissions.
2. In privileged EXEC mode, enter the certutil import ldapca command. Include the full path to the
certificate on the host, specify SCP as the protocol, and include the IP address of the host.


Network OS Administrator’s Guide

297

53-1003225-04
