2-74 SPARC Enterprise Mx000 Servers XSCF User’s Guide • January 2012
Load/Delete
certificate
Loads or deletes the certificate of primary and
up to five alternate LDAP/SSL servers.
setldapssl The strictcertmode must be in
the disabled state for a
certificate to be removed.
Display
userdomain
Displays the userdomain. showldapssl
Userdomain Configures up to five userdomains.
Userdomain can take the form of Distinguished
Name (DN).
setldapssl
Display
defaultrole
Displays the defaultrole setting. showldapssl
Defaultrole All users authenticated via LDAP/SSL are
assigned privileges set in this parameter.
setldapssl
Display group Displays configuration of administrator group,
operator group, or custom group.
setldapssl
Administrator
group
Assigns group name for up to five specified
administrator groups. The administrator group
has platadm, useradm, and auditadm privileges
and you cannot change that.
setldapssl
Operator
group
Assigns group name for up to five specified
operator
groups. The operator group has platop and
auditop
privileges and you cannot change that.
setldapssl
Custom group Assigns group name and privileges for up to
five groups.
setldapssl
Timeout Configures transaction timeout, in seconds.
Seconds can be 1 to 20.
setldapssl The default is 4. If the
specified timeout is too brief
for the configuration, the
login process or retrieval of
user privilege settings could
fail.
Enable/Disabl
e log
Enables or Disables logging of LDAP/SSL
authentication and authorization diagnostic
messages.
setldapssl This log is cleared on XSCF
reset.
Display log Displays LDAP/SSL authentication and
authorization diagnostic messages
showldapssl
Clear log Clears log file of LDAP/SSL authentication and
authorization diagnostic messages.
setldapssl
Default Resets LDAP/SSL settings to factory default. setldapssl
TABLE 2-10 LDAP/SSL Administration (Continued)
Item Description Shell command Remarks
To Next Page
Loading...
Need help?
General