Chapter 16 AAA Server
NWA/WAC Series CLI Reference Guide
90
16.2.4 aaa group server ldap Commands
The following table lists the aaa group server ldap commands you use to configure a group of
LDAP servers.
[no] server description
description
Sets the descriptive information for the AD server group. You
can use up to 60 printable ASCII characters. The
no command
clears the setting.
[no] server group-attribute
group-attribute
Sets the name of the attribute that the NWA/WAC is to check
to determine to which group a user belongs. The value for this
attribute is called a group identifier; it determines to which
group a user belongs. You can add ext-group-user user
objects to identify groups based on these group identifier
values.
For example you could have an attribute named “memberOf”
with values like “sales”, “RD”, and “management”. Then you
could also create an ext-group-user user object for each
group. One with “sales” as the group identifier, another for
“RD” and a third for “management”. The
no command clears
the setting.
[no] server host ad_server Enter the IP address (in dotted decimal notation) or the
domain name of an AD server to add to this group. The
no
command clears this setting.
[no] server password password Sets the bind password (up to 15 alphanumerical characters).
The
no command clears this setting.
[no] server domain-auth activate Activates server domain authentication. The no parameter
deactivates it.
server domain-auth username
[username] password [password]
Sets the user name and password for domain authentication.
server domain-auth realm [realm] Sets the realm for domain authentication.
[no] server port port_no Sets the AD port number. Enter a number between 1 and
65535. The default is 389. The
no command clears this
setting.
[no] server search-time-limit
time
Sets the search timeout period (in seconds). Enter a number
between 1 and 300. The
no command clears this setting and
set this to the default setting of 5 seconds.
[no] server ssl Enables the NWA/WAC to establish a secure connection to the
AD server. The
no command disables this feature.
Table 55 aaa group server ad Commands (continued)
COMMAND DESCRIPTION
Table 56 aaa group server ldap Commands
COMMAND DESCRIPTION
clear aaa group server ldap [group-
name]
Deletes all LDAP server groups or the specified LDAP server
group.
Note: You can NOT delete a server group that is currently in
use.
show aaa group server ldap group-name Displays the specified LDAP server group settings.
[no] aaa group server ldap group-name Sets a descriptive name for an LDAP server group. Use this
command to enter the sub-command mode.
The
no command deletes the specified server group.
To Next Page
Loading...
