EasyManuals Logo

HPE FlexFabric 5940 SERIES User Manual

HPE FlexFabric 5940 SERIES
571 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #58 background imageLoading...
Page #58 background image
45
Step Command Remarks
4. (Optional.) Specify the user
search scope.
search-scope
{
all-level
|
single-level
}
By default, the user search scope
is
all-level
.
5. (Optional.) Specify the
username attribute.
user-parameters
user-name-attribute
{
name-attribute |
cn
|
uid
}
By default, the username attribute
is
cn
.
6. (Optional.) Specify the
username format.
user-parameters
user-name-format
{
with-domain
|
without-domain
}
By default, the username format is
without-domain
.
7. (Optional.) Specify the user
object class.
user-parameters
user-object-class
object-class-name
By default, no user object class is
specified, and the default user
object class on the LDAP server is
used.
The default user object class for
this command varies by server
model.
Configuring an LDAP attribute map
Configure an LDAP attribute map to define a list of LDAP-AAA attribute mapping entries. To apply the
LDAP attribute map, specify the name of the LDAP attribute map in the LDAP scheme used for
authorization.
The LDAP attribute map feature enables the device to convert LDAP attributes obtained from an
LDAP authorization server to device-recognizable AAA attributes based on the mapping entries.
Because the device ignores unrecognized LDAP attributes, configure the mapping entries to include
important LDAP attributes that should not be ignored.
An LDAP attribute can be mapped only to one AAA attribute. Different LDAP attributes can be
mapped to the same AAA attribute.
To configure an LDAP attribute map:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Create an LDAP attribute
map and enter LDAP
attribute map view.
ldap attribute-map
map-name
By default, no LDAP attribute maps
exist.
3. Configure a mapping
entry.
map ldap-attribute
ldap-attribute-name [
prefix
prefix-value
delimiter
delimiter-value ]
aaa-attribute
{
user-group
|
user-profile
}
By default, an LDAP attribute map
does not have any mapping entries.
Repeat this command to configure
multiple mapping entries.
Creating an LDAP scheme
You can configure a maximum of 16 LDAP schemes. An LDAP scheme can be used by multiple ISP
domains.
To create an LDAP scheme:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Create an LDAP scheme
and enter LDAP scheme
view.
ldap scheme
ldap-scheme-name
By default, no LDAP schemes exist.

Table of Contents

Other manuals for HPE FlexFabric 5940 SERIES

Preview: Configuration Guide
Configuration Guide334 pages
Preview: Fundamentals Command Reference
Fundamentals Command Reference289 pages
Preview: Command Reference
Command Reference139 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HPE FlexFabric 5940 SERIES and is the answer not in the manual?

HPE FlexFabric 5940 SERIES Specifications

General IconGeneral
BrandHPE
ModelFlexFabric 5940 SERIES
CategorySwitch
LanguageEnglish

Related product manuals