ESR series service routers. ESR-Series. User manual

| Step | Description | Command | Keys |
|------|-------------|---------|------|
| 14 | Switch to the corresponding terminal configuration mode. | `esr(config)# line <TYPE>` | `<TYPE>` – console type: `console` – local console; `ssh` – secure remote console. |
| 15 | Activate the user login authentication list. | `esr(config-line-console)# login authentication <NAME>` | `<NAME>` – list name, a string of up to 31 characters. Created in step 7. |
| 16 | Activate the authentication list for user privilege elevation. | `esr(config-line-console)# enable authentication <NAME>` | `<NAME>` – list name, a string of up to 31 characters. Created in step 8. |

13.1.4  AAA configuration algorithm via LDAP

| Step | Description | Command | Keys |
|------|-------------|---------|------|
| 1 | Specify the base DN (Distinguished Name) to be used when searching for users. | `esr(config)# ldap-server base-dn <NAME>` | `<NAME>` – base DN, a string of up to 255 characters. |
| 2 | Set the interval after which the router assumes that the LDAP server is not available (optional). | `esr(config)# ldap-server bind timeout <SEC>` | `<SEC>` – time interval in seconds, takes values of [1..30]. Default value: 3 seconds. |
| 3 | Specify the DN (Distinguished Name) of a user with administrator rights, under which authorization on the LDAP server takes place when searching for users. | `esr(config)# ldap-server bind authenticate root-dn <NAME>` | `<NAME>` – DN of a user with administrator rights, a string of up to 255 characters. |
| 4 | Specify the password of a user with administrator rights, under which authorization on the LDAP server takes place when searching for users. | `esr(config)# ldap-server bind authenticate root-password ascii-text { <TEXT> \| encrypted <ENCRYPTED-TEXT> }` | `<TEXT>` – string of [8..16] ASCII characters; `<ENCRYPTED-TEXT>` – encrypted password, [8..16] bytes in size, set by a string of [16..32] characters. |
| 5 | Specify the class name of the objects among which users are searched for on the LDAP server (optional). | `esr(config)# ldap-server search filter user-object-class <NAME>` | `<NAME>` – object class name, a string of up to 127 characters. Default value: posixAccount. |