Managing Authentication Servers LDAP Servers
OmniSwitch AOS Release 7 Network Configuration Guide June 2013 page 29-25
The bop-loggedusers attribute is a formatted string with the following syntax:
loggingMode : accessType ipAddress port macAddress vlanList userName
The fields are defined here:
For example:
“ASA 0 : CONSOLE IP 65.97.233.108 Jones”
Configuring the LDAP Authentication Client
Use the aaa tacacs+-server command to configure LDAP authentication parameters on the switch. The
server name, host name or IP address, distinguished name, password, and the search base name are
required for setting up the server. Optionally, a backup host name or IP address can be configured, as well
as the number of retransmit tries, the timeout for authentication requests, and whether or not a secure
Socket Layer (SSL) is enabled between the switch and the server.
Note. The server must be configured with the appropriate schema before the aaa ldap-server command is
configured.
The keywords for the aaa ldap-server command are listed here:
Field Possible Values
loggingMode ASA x—for an authenticated user session, where x is the num-
ber of the session
AVLAN—for Authenticated VLAN session in single authority
mode
AVLAN y—for Authenticated VLAN session in multiple
authority mode, where y is relevant VLAN
accessType Any one of the following: CONSOLE, MODEM, TELNET,
HTTP, FTP, XCAP
ipAddress The string IP followed by the IP address of the user.
port (For Authenticated VLAN users only.) The string PORT fol-
lowed by the slot/port number.
macAddress (For Authenticated VLAN users only.) The string MAC fol-
lowed by the MAC address of the user.
vlanList (For Authenticated VLAN users only.) The string VLAN fol-
lowed by the list of VLANs the user is authorized (for single-
mode authority).
userName The login name of the user.
Required for creating: optional:
host
dn
password
base
type
retransmit
timeout
port
ssl
To Next Page
Loading...
Need help?
General