```
[LDAP Server Menu]
     maprole  - Map LDAP Object Class to User Role Menu
     prisrv   - Set primary LDAP server address
     secsrv   - Set secondary LDAP server address
     port     - Set LDAP port
     secure   - Set LDAP over SSL (LDAPs)
     fqdn     - LDAP's Fully Qualified Domain Name
     binddn   - Set the administrator bind DN
     bindpw   - Set the administrator password for LDAP binding
     dnadd    - Add base DN for search
     dnrem    - Remove base DN for search
     userattr - Set the user id attribute for username matching
     retries  - Set LDAP server retries
     timeout  - Set LDAP server timeout (seconds)
     secbd    - Enable/disable LDAP secure backdoor for telnet/ssh/http
     local    - Set local Authentication priority
     on       - Turn LDAP authentication ON
     off      - Turn LDAP authentication OFF
     cur      - Display current LDAP configuration
```

Command Syntax and Usage | |
---|---|
maprole | |
Displays the MAP LDAP Object Class to User Role menu. To view this menu, see /cfg/sys/ldap/maprole MAP LDAP Object Class to User Role Menu. | |
prisrv <IP address (v4 or v6)> | |
The IPv4 or IPv6 address of the primary LDAP server. | |
secsrv <IP address (v4 or v6)> | |
The IPv4 or IPv6 address of the secondary LDAP server. | |
port <LDAP port to configure> | |
Sets the LDAP port. Values: 1-65000. Default: 389. If Secure LDAP is configured, the default port is 636. | |
secure | |
Specifies whether authentication communication between Alteon and the LDAP server uses Secure LDAP. Values: disable, enable. Default: disable | |
fqdn | |
Specifies the LDAP FQDN. If the Fully Qualified Domain Name (FQDN) parameter is specified, the user name in the bind request includes the FQDN (that is, <username>@<FQDN>). Mandatory when administrator bind DN is not configured. Maximum number of characters: 255 | |
binddn | |
Sets the administrator bind distinguished name (DN). The administrator bind DN is used only for querying the directory server and so this user must have privileges to search the directory tree. It is required when anonymous bind is not allowed. Maximum number of characters: 256 | |
bindpw | |
Enter the administrator bind password. Maximum number of characters: 256. | |
dnadd | |
The Base DN limits the search to a more specific directory tree. Using a specific Base DN speeds up all queries to the LDAP server. Up to 10 Base DNs can be configured. At least one Base DN must be configured. | |
dnrem | |
Removes base DN for search. | |
userattr | |
Sets the user ID attribute for username matching. Maximum number of characters: 30. The User ID Attribute is the attribute in a user record that identifies the user, and is expected to match the username entered during user login. Default: sAMAccountName | |
retries <LDAP server retries (1-3)> | |
Sets the number of LDAP server retries. Values: 1-3. Default: 3 | |
timeout <LDAP server timeout seconds (1-10)> | |
Sets the time, in seconds, before re-sending an authentication to the LDAP server after receiving no answer. Values: 1-60. Default: 3 seconds | |
secbd disable|enable | |
Enables or disables the LDAP secure backdoor access for telnet/ssh/http. Values: disable, enable. Default: disabled | |
local | |
Specifies that Alteon should first search for the user in the Local User Table, and connect to the remote authentication server only if the user is not found or authenticated there. Values: disable, enable. Default: disable | |
on | |
Turn on LDAP authentication. | |
off | |
Turn off LDAP authentication. | |
cur | |
Displays the current LDAP configuration. |
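
The limits in the table above (port range, the fqdn/binddn requirement, base DN count, field lengths, the secure and secbd defaults) expressed as a pre-deployment check; this is an added example, not vendor code. The dict layout, the `basedn` key, the `lint_ldap` name and the sample values are assumptions made for the example, not Alteon's configuration format.

```python
# Added example: lint a planned /cfg/sys/ldap configuration against the
# limits documented in the table above. The dict layout is an assumption
# made for this example; it is not Alteon's configuration dump format.

def lint_ldap(cfg):
    """Return a list of (severity, message) findings for one LDAP config."""
    findings = []
    secure = cfg.get("secure", "disable")          # documented default
    port = cfg.get("port", 636 if secure == "enable" else 389)
    if not 1 <= port <= 65000:
        findings.append(("error", f"port {port} outside documented range 1-65000"))
    if secure != "enable":
        findings.append(("warn", "secure is disabled: binds, including bindpw, "
                                 "are not protected by SSL"))
    elif port == 389:
        findings.append(("warn", "secure is enabled but port is 389; LDAPS default is 636"))

    # fqdn is mandatory when no administrator bind DN is configured
    if not cfg.get("binddn") and not cfg.get("fqdn"):
        findings.append(("error", "neither binddn nor fqdn is set"))
    for key, limit in (("fqdn", 255), ("binddn", 256), ("bindpw", 256), ("userattr", 30)):
        if len(cfg.get(key, "")) > limit:
            findings.append(("error", f"{key} longer than {limit} characters"))

    base_dns = cfg.get("basedn", [])               # entries added with dnadd
    if not 1 <= len(base_dns) <= 10:
        findings.append(("error", f"{len(base_dns)} base DNs configured; 1 to 10 required"))
    if not 1 <= cfg.get("retries", 3) <= 3:
        findings.append(("error", "retries outside documented range 1-3"))
    if cfg.get("secbd", "disable") == "enable":
        findings.append(("warn", "secbd is enabled (default is disabled); confirm it is intended"))
    return findings


# Constructed sample values, not taken from a real device.
WEAK = {"prisrv": "192.0.2.10", "port": 389, "secure": "disable",
        "bindpw": "example-only", "basedn": [], "secbd": "enable"}
HARDENED = {"prisrv": "192.0.2.10", "secsrv": "192.0.2.11", "secure": "enable",
            "binddn": "cn=alteon-bind,ou=svc,dc=example,dc=com",
            "bindpw": "example-only", "basedn": ["ou=netops,dc=example,dc=com"],
            "userattr": "sAMAccountName", "retries": 3, "secbd": "disable"}

if __name__ == "__main__":
    for name, cfg in (("WEAK", WEAK), ("HARDENED", HARDENED)):
        print(name)
        for sev, msg in lint_ldap(cfg) or [("ok", "no findings")]:
            print(f"  [{sev}] {msg}")
```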