Configuring LDAP Security Settings (CLI)
netgroup_search =
netgroup_mapattr =
netgroup_mapobjclass =
2.
To set the credential level, enter set cred_level= and one of the following
options:
■
anonymous - Allows anonymous authentication for access to data available to everyone.
■
self- Provides self-authentication for users based on their identity and credentials. Self-
authentication uses Kerberos encryption and the SASL/GSSAPI authentication method.
■
proxy - Specifies authentication through a proxy for a specific user account.
hostname:configuration services ldap> set cred_level=proxy
cred_level = proxy (uncommitted)
3.
To set the authorization method, enter set auth_method= and one of the following
options:
■
none - None (use with anonymous)
■
sasl/GSSAPI - SASL/GSSAPI (use with self)
■
simple - Simple, RFC 4513 (use with proxy)
■
sasl/DIGEST-MD5 - SASL/DIGEST-MD5 (use with proxy)
hostname:configuration services ldap> set auth_method=simple
auth_method = simple (uncommitted)
4.
To enable or disable SSL/TLS, enter set use_tls= and either true or false.
Enabling SSL/TLS is highly recommended when using the simple authentication method so the
user's distinguished name and password are not sent in plain text.
hostname:configuration services ldap> set use_tls=true
use_tls = true (uncommitted)
5.
If the credential level is set to proxy, enter set proxy_dn= and the distinguished
name of the account used for proxy authentication. Then enter set
proxy_password= and the password for the account.
hostname:configuration services ldap> set proxy_dn=ProxyName
proxy_dn = ProxyName (uncommitted)
hostname:configuration services ldap> set proxy_password=MyPassword5
proxy_password = *********** (uncommitted)
6.
Enter commit.
hostname:configuration services ldap> commit
Appliance Services 289
To Next Page
Loading...
Need help?
General
