Chapter 2 Setting Up XSCF 2-73
TABLE 2-10 lists setting items and the corresponding shell commands:
TABLE 2-10 LDAP/SSL Administration
Item Description Shell command Remarks
Display the
status of
LDAP/SSL
Displays the current setting of LDAP/SSL, such
as enabled/disabled, usermapmode, and so on.
showldapssl
Enable/
disable the
use of
LDAP/SSL
Enables or disables the use of an LDAP/SSL
server for managing authentication and
privilege.
setldapssl LDAP/SSL is disabled
by default.
Display
LDAP/SSL
server
Display the primary and up to five alternate
LDAP/SSL servers.
showldapssl A port number of “0”
indicates that the default port
for LDAP/SSL is used.
LDAP/SSL
server/port
Sets an IP address or a port number of the
primary and up to five alternate LDAP/SSL
servers.
Specify IP addresses or host names for the
addresses.
If you specify a host name for an LDAP/SSL
server, the server name must be resolvable by
DNS server.
setldapssl When the port number is not
specified, the default port is
used.
Enable/
disable
usermapmode
Enables or disables the usermapmode.
When enabled, user attributes specified with
the usermap operand, rather than userdomain,
are used for user authentication.
setldapssl The usermapmode is disabled
by default.
Display
usermap
Display the settings of usermap. showldapssl
Usermap Configures the usermap.
The usermap is used for user authentication.
setldapssl The usermapmode must be
enabled for using usermap.
Enable/
disable
strictcertmode
Enables or disables the strictcertmode.
If strictcertmode is enabled, the server’s
certificate must have already been uploaded to
the server so that the certificate signatures can
be validated when the server certificate is
presented.
setldapssl The strictcertmode is disabled
by default.
Display server
certificate
Displays the following
• Certificate information for the primary and
up to five alternate LDAP/SSL servers.
• The full certificate
showldapssl
To Next Page
Loading...
Need help?
General