Deleting ldap ca certificates, Adding an ldap server to the client server list – Brocade Network OS Administrator’s Guide v4.1.1 User Manual


1. In privileged EXEC mode, enter configure terminal to change to global configuration mode.

switch# configure terminal

Entering configuration mode terminal

2. Enter certutil import ldapca with the specified parameters.

switch# certutil import ldapca directory /usr/ldapcacert file cacert.pem protocol SCP host 10.23.24.56 user admin password *****

3. Verify the import by entering show cert-util ldapcacert.

switch# show cert-util ldapcacert

List of ldap ca certificate files:

swLdapca.pem

Deleting LDAP CA certificates

The no certutil ldapca command deletes the LDAP CA certificates of all Active Directory servers. You
must confirm that you want to delete the certificates.

switch# no certutil ldapca

Do you want to delete LDAP CA certificate? [y/n]:y

Configuring an Active Directory server on the client side

Each Brocade switch client must be individually configured to use Active Directory servers. You use
the ldap-server command to specify the host server, authentication protocols, and other parameters.
You can configure a maximum of five Active Directory servers on a Brocade switch for AAA service.

The parameters in the following table are associated with an Active Directory server that is configured
on the switch.

TABLE 51  Active Directory parameters

Parameter  Description
---------  -----------
host       IP address (v4) or Fully Qualified Domain Name of the AD server. IPv6 is supported for
           Windows 2008 AD server only. The maximum supported length for the host name is 40
           characters.
port       TCP port used to connect to the AD server for authentication. The valid port range is 1024
           through 65535. The default port is 389.
timeout    Time to wait for a server to respond. The range is 1 through 60 seconds. The default value is
           5 seconds.
retries    Number of unsuccessful attempts to be made to connect to an AD server before quitting. The
           valid range is 1 through 100. The default value is 5.
domain     Base domain name.

A maximum of five LDAP/AD servers can be configured on a Brocade switch for authentication
service.
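The parameters in Table 51 are easy to get wrong when several switches are being provisioned, so the following Python script, an added illustration rather than Brocade code, checks a planned list of ldap-server entries against the documented defaults, ranges, the 40-character host limit and the five-server limit before anything is typed into the switch. The host names and domain in the sample are constructed placeholders. One caveat the table itself raises: it gives 389 as the default port yet states a valid range of 1024 through 65535, so this check (our reading of the table) accepts the default as well as the stated range and flags anything else.

```python
"""Pre-push check of ldap-server parameters against the ranges in Table 51.

Added illustration, not Brocade code. It models the host, port, timeout, retries and
domain parameters with the defaults and ranges the table gives, plus the five-server
limit, so a planned configuration can be checked before it is typed into the switch.
"""
import ipaddress
from dataclasses import dataclass
from typing import List

MAX_SERVERS = 5             # LDAP/AD servers per switch for authentication service
MAX_HOST_LEN = 40           # maximum host-name length
DEFAULT_PORT = 389          # default TCP port
PORT_RANGE = (1024, 65535)  # documented valid port range
TIMEOUT_RANGE = (1, 60)     # seconds
RETRIES_RANGE = (1, 100)


@dataclass
class LdapServer:
    """One ldap-server entry; defaults follow Table 51."""
    host: str
    port: int = DEFAULT_PORT
    timeout: int = 5
    retries: int = 5
    domain: str = ""        # base domain name


def check_server(s: LdapServer) -> List[str]:
    """Return findings for one entry; an empty list means it meets Table 51."""
    findings: List[str] = []

    if not s.host:
        findings.append("host is empty")
    else:
        if len(s.host) > MAX_HOST_LEN:
            findings.append(f"host longer than {MAX_HOST_LEN} characters")
        try:
            addr = ipaddress.ip_address(s.host)
        except ValueError:
            addr = None         # not an IP literal; treat it as a host name
        if addr is not None and addr.version == 6:
            findings.append("IPv6 host: supported for Windows 2008 AD servers only")

    # The table gives 389 as the default yet states 1024 through 65535 as the
    # valid range; this check (our reading) accepts the default and the range.
    lo, hi = PORT_RANGE
    if s.port != DEFAULT_PORT and not lo <= s.port <= hi:
        findings.append(f"port {s.port} outside {lo}-{hi}")

    lo, hi = TIMEOUT_RANGE
    if not lo <= s.timeout <= hi:
        findings.append(f"timeout {s.timeout} outside {lo}-{hi} seconds")

    lo, hi = RETRIES_RANGE
    if not lo <= s.retries <= hi:
        findings.append(f"retries {s.retries} outside {lo}-{hi}")

    if not s.domain:
        findings.append("domain (base domain name) is empty")
    return findings


def check_server_list(servers: List[LdapServer]) -> List[str]:
    """Apply the per-server checks plus the switch-wide limit and a duplicate test."""
    findings: List[str] = []
    if len(servers) > MAX_SERVERS:
        findings.append(f"{len(servers)} servers configured; maximum is {MAX_SERVERS}")
    seen = set()
    for s in servers:
        if s.host in seen:
            findings.append(f"{s.host}: duplicate host entry")
        seen.add(s.host)
        findings.extend(f"{s.host}: {f}" for f in check_server(s))
    return findings


# Constructed sample: hosts and domain are placeholders, not values from the guide.
SAMPLE_SERVERS = [
    LdapServer(host="ad1.example.com", domain="example.com"),
    LdapServer(host="10.0.0.5", port=3268, timeout=10, retries=3, domain="example.com"),
    LdapServer(host="ad3.example.com", port=80, timeout=0, retries=200, domain="example.com"),
]


def sample_findings() -> List[str]:
    """Findings for the constructed sample (the third entry breaks three ranges)."""
    return check_server_list(SAMPLE_SERVERS)


if __name__ == "__main__":
    for line in sample_findings() or ["no findings"]:
        print(line)
```

Running the script lists three findings, all against ad3.example.com (port, timeout and retries out of range); a sixth server or a repeated host produces a switch-level finding before the per-server ones.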

Adding an LDAP server to the client server list

The following procedure configures an LDAP server on an LDAP client (Brocade switch).

296

Network OS Administrator’s Guide

53-1003225-04