Nortel Networks 5500 series User Manual

Page 190


Configuring authentication

To modify settings for the specific LDAP configuration, use the following
command:

/cfg/domain #/aaa/auth #/ldap

The LDAP menu appears.

The LDAP menu includes the following options:

Table 37
Configuring LDAP settings

/cfg/domain #/aaa/auth #/ldap

followed by:

servers

Accesses the LDAP servers menu, in order to manage the external LDAP servers configured for the domain (see “Managing LDAP authentication servers” (page 193)).

searchbase

Sets the search base entry.

groupattr <names>

Specifies the LDAP attribute that contains the names of the groups. The group names contained in the LDAP attribute must be defined in the Nortel SNAS domain (see “Configuring groups” (page 156)).

To specify more than one group attribute name, enter the names separated by a comma (,).

userattr <names>

Refers to one of the following:

1. the LDAP attribute that contains the user name used for authenticating a client in the domain
The default user attribute name is uid.
Do not use the isdbinddn and isdbindpas commands.

2. if the client’s portal logon name is different from the RDN (for example, when using LDAP for authentication towards Active Directory), the LDAP attribute that is used in combination with the client’s logon name to search the DIT
For example, a user record in Active Directory is defined as the following DN: cn=Bill Smith, ou=Users, dc=example, dc=com. The user record also contains the attribute sAMAccountName=bill. The user’s

Nortel Secure Network Access Switch
Using the Command Line Interface
NN47230-100 03.01 Standard
28 July 2008
Copyright © 2007, 2008 Nortel Networks.
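The two userattr cases and the groupattr rule in Table 37 can be sketched as follows. This is an added example, not Nortel SNAS code: it follows generic LDAP conventions (RFC 4514 DN escaping, RFC 4515 filter escaping), so that the logon name is handled only as a value. All function names are hypothetical, the direct DN construction in case 1 is an assumption, and the sample entry with its employeeType and department values is constructed.

```python
# Added illustration, not Nortel SNAS code; all function names are hypothetical.
SEARCHBASE = "ou=Users,dc=example,dc=com"
ENTRY = {  # constructed record modelled on the page's Bill Smith example
    "dn": "cn=Bill Smith,ou=Users,dc=example,dc=com",
    "sAMAccountName": ["bill"],
    "employeeType": ["staff", "contractors"],  # constructed group values
    "department": ["engineering"],
}


def escape_filter_value(value):
    """RFC 4515: hex-escape characters that are special in a search filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)


def escape_dn_value(value):
    """RFC 4514: escape characters that are special in an RDN value."""
    out = []
    for i, c in enumerate(value):
        edge = (i == 0 and c in " #") or (i == len(value) - 1 and c == " ")
        if c == "\x00":
            out.append("\\00")
        elif c in ',+"\\<>;' or edge:
            out.append("\\" + c)
        else:
            out.append(c)
    return "".join(out)


def bind_dn(userattr, logon, searchbase):
    """Case 1 (assumed): userattr is the RDN, so the DN is built directly."""
    return f"{userattr}={escape_dn_value(logon)},{searchbase}"


def search_filter(userattr, logon):
    """Case 2: userattr plus the logon name form a filter to search the DIT."""
    return f"({userattr}={escape_filter_value(logon)})"


def mapped_groups(entry, groupattr, domain_groups):
    """Read each comma-separated groupattr name; keep groups the domain defines."""
    found = []
    for name in (n.strip() for n in groupattr.split(",")):
        for value in entry.get(name, []):
            if value in domain_groups and value not in found:
                found.append(value)
    return found


if __name__ == "__main__":
    print(bind_dn("uid", "bill", SEARCHBASE))
    print(search_filter("sAMAccountName", "bill"))
    print(mapped_groups(ENTRY, "employeeType,department", {"staff", "engineering"}))
```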
