Chapter 2 Setting Up XSCF 2-51
Enable/
disable
expanded
search mode
Enables or disables the expanded search mode.
The expanded search mode is only enabled
when to address specific customer environment
where user's account is not UserPrincipalName
(UPN) format.
setad The expanded search mode is
disabled by default.
Enable/
disable
strictcertmode
Enables or disables the strictcertmode.
If strictcertmode is enabled, the server’s
certificate must have already been uploaded to
the server so that the certificate signatures can
be validated when the server certificate is
presented.
setad The strictcertmode is disabled
by default.
Display server
certificate
Displays the following
• Certificate information for the primary and
up to five alternate Active Directory servers.
• The full certificate
showad
Load/Delete
certificate
Loads or deletes the certificate of primary and
up to five alternate Active Directory servers.
setad The strictcertmode must be in
the disabled state for a
certificate to be removed.
Display
userdomain
Displays the userdomain. showad
Userdomain Configures up to five userdomains.
Userdomain can take the form of UPN like
<USERNAME>@domainname
or the form of Distinguished Name (DN) like
"uid=<USERNAME>,ou= OrganizationUnit,
dc= DomainName".
setad If a user domain is specified
directory by UPN form at the
login prompt such as “login:
ima.admin@dc01.example.co
m”, that user domain is used
for this login attempt.
Display
defaultrole
Displays the defaultrole setting. showad
Defaultrole All users authenticated via LDAP/SSL are
assigned privileges set in this parameter.
setad
Display group Displays configuration of administrator group,
operator group, or custom group.
setad
Administrator
group
Assigns group name for up to five specified
administrator groups. The administrator group
has platadm, useradm, and auditadm privileges
and you cannot change that.
setad
TABLE 2-8 Active Directory Administration (Continued)
Item Description Shell command Remarks
To Next Page
Loading...
Need help?
General