Ldap, Server authentication, Importing a ca certificate – Brocade Network OS NETCONF Operations Guide v4.1.1 User Manual


Network OS NETCONF Operations Guide


53-1003231-02


    <config>
      <aaa-config xmlns="urn:brocade.com:mgmt:brocade-aaa">
        <aaa>
          <accounting>
            <exec>
              <defaultacc>
                <start-stop>
                  <server-type>none</server-type>
                </start-stop>
              </defaultacc>
            </exec>
          </accounting>
        </aaa>
      </aaa-config>
    </config>
  </edit-config>
</rpc>

<rpc-reply message-id="924" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <ok/>
</rpc-reply>

LDAP

Lightweight Directory Access Protocol (LDAP) is an open-source protocol for accessing distributed
directory services that act in accordance with X.500 data and service models. LDAP assumes that
one or more servers jointly provide access to a Directory Information Tree (DIT) where data is stored
and organized as entries in a hierarchical fashion. Each entry has a name called the distinguished
name that uniquely identifies it.

This section provides procedures and examples for client-side configuration of the Lightweight
Directory Access Protocol (LDAP). For a conceptual overview of how LDAP authenticates users and
performs server authorization, and for server-side configuration information, refer to the Network
OS Administrator’s Guide.

Server authentication

As a part of user authentication using LDAP, the Brocade switch can be configured to support
server certificate authentication. Refer to the Network OS Administrator’s Guide for additional
conceptual details.

Importing a CA certificate

To import a CA certificate, perform the following steps.

1. Issue the <ldapca> action located in the <certutil>/<import> node in the urn:brocade.com:mgmt:brocade-certutil namespace.

2. Under the <ldapca> node, include the following leaf elements to specify the input parameters.

   a. In the <protocol> element, specify either SCP or FTP to identify the protocol to be used for importing the certificate.

   b. In the <user> element, enter the login user name for the remote server where the certificate resides.
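
A pre-flight check for this request, as an added example that is not from the Brocade guide: it parses a NETCONF request, locates the <ldapca> action under <certutil>/<import> in the brocade-certutil namespace, and flags FTP, which would carry the CA certificate (the trust anchor for LDAP server authentication) and the login unencrypted. The function name, the sample request, its message-id and its user name are constructed; the RPC envelope around the action is an assumption, and only the two leaves listed above are checked.

```python
import xml.etree.ElementTree as ET

CERTUTIL = "urn:brocade.com:mgmt:brocade-certutil"  # namespace named in step 1

# Constructed sample request. The envelope is an assumption, and only the
# <protocol> and <user> leaves described on this page are present.
SAMPLE_RPC = """<rpc message-id="1001" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
  <certutil xmlns="urn:brocade.com:mgmt:brocade-certutil">
    <import>
      <ldapca>
        <protocol>FTP</protocol>
        <user>certadmin</user>
      </ldapca>
    </import>
  </certutil>
</rpc>"""


def audit_ldapca_import(rpc_xml):
    """Return a list of findings for an <ldapca> import request (empty = clean)."""
    q = "{" + CERTUTIL + "}"
    root = ET.fromstring(rpc_xml)
    # Search at any depth so the check does not depend on the exact envelope.
    action = root.find(f".//{q}certutil/{q}import/{q}ldapca")
    if action is None:
        return ["no <ldapca> under <certutil>/<import> in the brocade-certutil namespace"]

    findings = []
    protocol = (action.findtext(f"{q}protocol") or "").strip()
    user = (action.findtext(f"{q}user") or "").strip()

    if protocol.upper() not in ("SCP", "FTP"):
        findings.append(f"<protocol> must be SCP or FTP, got {protocol!r}")
    elif protocol.upper() == "FTP":
        # FTP has no integrity protection, so the imported CA certificate
        # could be replaced in transit; the login is also sent unencrypted.
        findings.append("FTP is unencrypted: use SCP to fetch the CA certificate")
    if not user:
        findings.append("<user> is missing or empty")
    return findings


if __name__ == "__main__":
    for finding in audit_ldapca_import(SAMPLE_RPC):
        print("FINDING:", finding)
```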
