brocade-communications-sy rfs6000 User Manual
Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide
575
53-1001931-01
Radius configuration commands
19
Parameters
Usage Guidelines
Use the login filter and group filter values (described in the example below) for all LDAP
configuration scenarios
Use the login filter and group filter values (described in the example below) for all LDAP
configuration scenarios
Use the
passwd
parameter to enter the password for the active directory user mentioned in bind
-dn. This is used for the initial login to the active directory.
The
passwd-attr
and
group-membership
is retained as described in the following example:
ldap-server primary host
<IP> port <1-65535>
login <user-name>
bind-dn
<distinguished-name>
base-dn
<distinguished-name>
passwd {<password>|
<password>|<password>}
passwd-attr
<password-attribute>
group-attr
<group-attribute>
group-filter
<group-filter>
group-membership <group>
net-timeout
<1-10>
<IP> port <1-65535>
login <user-name>
bind-dn
<distinguished-name>
base-dn
<distinguished-name>
passwd {<password>|
<password>|<password>}
passwd-attr
<password-attribute>
group-attr
<group-attribute>
group-filter
<group-filter>
group-membership <group>
net-timeout
<1-10>
Sets the primary LDAP server’s configuration
•
host < IP> – Sets the LDAP server’s IP configuration
•
<IP> – Defines the LDAP server IP address
•
port <number> – Enter the TCP/IP port number for the
LDAP server acting as the data source
LDAP server acting as the data source
•
login <user-name> – Use the following as the login:
(
(
sAMAccountName=%{Stripped-User-N
ame:-%{User-Name}})
•
bind-dn <distinguished-name> – Specifies the
distinguished name to bind with the LDAP server
distinguished name to bind with the LDAP server
•
base-dn <distinguished-name> – Specifies a
distinguished name that establishes the base object for
the search. The base object is the point in the LDAP tree
at which to start searching.
distinguished name that establishes the base object for
the search. The base object is the point in the LDAP tree
at which to start searching.
•
passwd {<password>|<password>|<password>} –
Sets a valid password for the LDAP server
Sets a valid password for the LDAP server
•
passwd-attr <password-attribute> – Enter the password
attribute used by the LDAP server for authentication
attribute used by the LDAP server for authentication
•
group-attr <group-attribute> – Specifies the group
attribute used by the LDAP server
attribute used by the LDAP server
•
group-filter <group-filter> – Specifies the group filters
used by the LDAP server
used by the LDAP server
•
group-membership <group> – Specifies the Group
Member Attribute sent to the LDAP server when
authenticating users
Member Attribute sent to the LDAP server when
authenticating users
•
net-timeout<1-10> – Enter a timeout the system uses
to terminate the connection to the RADIUS Server if no
activity is detected
to terminate the connection to the RADIUS Server if no
activity is detected
ldap-server secondary host
<IP> port <1-65535> login
<user-name> bind-dn
<distinguished-name>
base-dn
<distinguished-name>
passwd
{<password>|<password>|
<password>}
passwd-attr
<password-attribute>
group-attr <group-attribute>
group-filter <group-filter>
group-membership <group>
net-timeout
<1-10>
<IP> port <1-65535> login
<user-name> bind-dn
<distinguished-name>
base-dn
<distinguished-name>
passwd
{<password>|<password>|
<password>}
passwd-attr
<password-attribute>
group-attr <group-attribute>
group-filter <group-filter>
group-membership <group>
net-timeout
<1-10>
Defines the secondary LDAP server’s configuration.