Chapter 16 AAA Server
NWA/WAC Series CLI Reference Guide
Table 56 aaa group server ldap Commands (continued)

| COMMAND | DESCRIPTION |
| --- | --- |
| aaa group server ldap rename group-name group-name | Changes the descriptive name for an LDAP server group. |
| aaa group server ldap group-name | Enter the sub-command mode. |
| [no] server alternative-cn-identifier uid | Sets the second type of identifier that users can use to log in, if any, for example “name” or “e-mail address”. The no command clears this setting. |
| [no] server basedn basedn | Sets the base DN to point to the LDAP directory on the LDAP server group. The no command clears this setting. |
| [no] server binddn binddn | Sets the user name the NWA/WAC uses to log into the LDAP server group. The no command clears this setting. |
| [no] server cn-identifier uid | Sets the user name the NWA/WAC uses to log into the LDAP server group. The no command clears this setting. |
| [no] server description description | Sets the descriptive information for the LDAP server group. You can use up to 60 printable ASCII characters. The no command clears this setting. |
| [no] server group-attribute group-attribute | Sets the name of the attribute that the NWA/WAC is to check to determine to which group a user belongs. The value for this attribute is called a group identifier; it determines to which group a user belongs. You can add ext-group-user user objects to identify groups based on these group identifier values. For example, you could have an attribute named “memberOf” with values like “sales”, “RD”, and “management”. Then you could also create an ext-group-user user object for each group: one with “sales” as the group identifier, another for “RD” and a third for “management”. The no command clears the setting. |
| [no] server host ldap_server | Enter the IP address (in dotted decimal notation) or the domain name of an LDAP server to add to this group. The no command clears this setting. |
| [no] server password password | Sets the bind password (up to 15 characters). The no command clears this setting. |
| [no] server port port_no | Sets the LDAP port number. Enter a number between 1 and 65535. The default is 389. The no command clears this setting. |
| [no] server search-time-limit time | Sets the search timeout period (in seconds). Enter a number between 1 and 300. The no command clears this setting and sets this to the default setting of 5 seconds. |
| [no] server ssl | Enables the NWA/WAC to establish a secure connection to the LDAP server. The no command disables this feature. |
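
An audit script for the settings in Table 56, added here as an example and not taken from the guide: it checks one group's sub-commands against the ranges and defaults the table states and flags a group that does not enable `server ssl`. The sample commands, the group name `corp-ldap` and the function names are constructed, and the input format (commands as typed, one per line) is an assumption.

```python
import re

# Constructed sample (made-up values): the sub-commands of one group as typed
# after "aaa group server ldap <group-name>".
SAMPLE = """\
aaa group server ldap corp-ldap
 server host 192.0.2.10
 server port 389
 server basedn dc=example,dc=com
 server binddn cn=wlan-bind,dc=example,dc=com
 server password ThisPasswordIsTooLong
 server search-time-limit 600
 server description Staff directory
 no server ssl
"""

LINE = re.compile(r"\s*(no\s+)?server\s+(\S+)\s*(.*)")

def in_range(value, low, high):
    return value.isdecimal() and low <= int(value) <= high

def audit_ldap_group(text):
    """Check one group's sub-commands against the limits listed in Table 56."""
    cfg, findings = {}, []
    for line in text.splitlines():
        m = LINE.match(line)
        if m:  # a "no" form clears the setting
            cfg[m.group(2)] = None if m.group(1) else (m.group(3).strip() or "on")
    if not cfg.get("ssl"):
        findings.append("ssl: connection to the LDAP server is not secured")
    if not cfg.get("host"):
        findings.append("host: no LDAP server in the group")
    port = cfg.get("port") or "389"  # default from the table
    if not in_range(port, 1, 65535):
        findings.append("port: must be 1-65535")
    limit = cfg.get("search-time-limit") or "5"  # default from the table
    if not in_range(limit, 1, 300):
        findings.append("search-time-limit: must be 1-300 seconds")
    if len(cfg.get("password") or "") > 15:
        findings.append("password: longer than 15 characters")
    desc = cfg.get("description") or ""
    if len(desc) > 60 or not all(32 <= ord(c) < 127 for c in desc):
        findings.append("description: up to 60 printable ASCII characters")
    return findings

if __name__ == "__main__":
    for finding in audit_ldap_group(SAMPLE):
        print(finding)
```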