Ldap-server – Brocade Mobility RFS7000-GR Controller CLI Reference Guide (Supporting software release 4.1.0.0-040GR and later) User Manual


Brocade Mobility RFS7000-GR CLI Reference Guide


53-1001945-01

RADIUS Configuration Commands


ldap-server


Use this command to configure LDAP server parameters. With it, the onboard RADIUS server uses an
existing external database, in the form of an Active Directory, instead of a local database on the
switch.

Syntax

ldap-server [primary|secondary] (host <A.B.C.D>) (port <1-65535>)
    (login <name>) (bind-dn <name>) (base-dn <name>) (passwd [0|2|WORD])
    (passwd-attr) (group-attr) (group-filter) (group-membership) (net-timeout <1-10>)

Parameters

primary
Primary LDAP server configuration.

secondary
Secondary LDAP server configuration.

host <LDAP IP Address>
LDAP server IP configuration.
A.B.C.D – LDAP server IP address

port <number>
Enter the TCP/IP port number for the LDAP server acting as the data source.

login
Use the following as the login:
(sAMAccountName=%{Stripped-User-Name:-%{User-Name}})

bind-dn
Specifies the distinguished name to bind with the LDAP server.

base-dn
Specifies a distinguished name that establishes the base object for the search. The
base object is the point in the LDAP tree at which to start searching.

passwd [0|2|<WORD>]
Enter a valid password for the LDAP server.
0 – Password is specified UNENCRYPTED.
2 – Password is specified encrypted with password-encryption secret.
<WORD> – LDAP server bind password of size 31.

passwd-attr
Enter the password attribute used by the LDAP server for authentication.
The password attribute is of size 32.

group-attr
Specifies the group attribute used by the LDAP server.
The group attribute is of size 32.

group-filter
Specifies the group filters used by the LDAP server.

group-membership
Specifies the group member attribute sent to the LDAP server when authenticating
users.
The group member attribute is of size 63.

net-timeout <1-10>
Enter a timeout the system uses to terminate the connection to the RADIUS Server if
no activity is detected.
<1-10> – Net time out range.

Usage Guidelines

Use the login filter and group filter values, described in the example on the following page, for all
LDAP configuration scenarios.

Use the passwd parameter to enter the password for the Active Directory user mentioned in bind-dn.
This will be used for the initial login to the Active Directory.

The passwd-attr and group-membership values are retained as described in the example.
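
How the login filter given above resolves into an LDAP search filter, as an added example that is not from the manual or the controller's own code. It assumes the `%{A:-%{B}}` form means "use attribute A if present, otherwise B", as in FreeRADIUS-style templates. The function names and sample requests are constructed for illustration, and values are escaped per RFC 4515 so a user name cannot alter the filter.

```python
import re

# RFC 4515 section 3: these characters must be written as \XX in a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Matches %{Name} or %{Name:-%{Fallback}}, the forms used in the login filter.
_REF = re.compile(r"%\{([A-Za-z0-9-]+)(?::-%\{([A-Za-z0-9-]+)\})?\}")


def escape_filter_value(value: str) -> str:
    """Escape a value so it cannot add or close clauses in an LDAP filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def expand_login_filter(template: str, request: dict) -> str:
    """Fill the template from RADIUS request attributes (hypothetical helper).

    Assumption: %{A:-%{B}} selects attribute A when it is present and
    non-empty, and attribute B otherwise.
    """
    def substitute(match: re.Match) -> str:
        primary, fallback = match.group(1), match.group(2)
        value = request.get(primary) or (request.get(fallback) if fallback else None)
        if not value:
            raise ValueError("request carries no usable user name attribute")
        return escape_filter_value(value)

    return _REF.sub(substitute, template)


# The login filter exactly as the manual gives it.
LOGIN_FILTER = "(sAMAccountName=%{Stripped-User-Name:-%{User-Name}})"

# Constructed sample requests (not from the manual).
SAMPLES = [
    {"User-Name": "alice"},
    {"User-Name": "alice@example.test", "Stripped-User-Name": "alice"},
    {"User-Name": "o(ps)*"},  # filter metacharacters must come out escaped
]

if __name__ == "__main__":
    for req in SAMPLES:
        print(req, "->", expand_login_filter(LOGIN_FILTER, req))
```
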
