Troubleshooting guide
2 — 5620 SAM user security
2-44 Alcatel-Lucent 5620 Service Aware Manager
5620 SAM
System Administrator Guide
The Bind DN parameter specifies the LDAP attribute set that identifies the
user name of an LDAP user who is authorized to perform LDAP lookups, and
the Bind DN password is the password of the user.
iv Configure the parameters in the User Lookup Settings panel.
The Base DN parameter specifies the LDAP context for username and
password lookup; for example, ou=People,dc=MyCompany,dc=org
The Base Filter parameter format is the following:
(attribute={USERNAME})
where
attribute is the LDAP attribute that contains the username
v If the LDAP server has role information for users and is to provide the name
of a user group, configure the parameters in the Group Lookup Settings
panel.
The Group DN parameter specifies the LDAP context for group lookup; for
example, ou=Roles,dc=MyCompany,dc=org
The Group Filter parameter format is the following:
(&(member=DN)(attribute=USERNAME))
where
DN is the LDAP context for the group lookup
attribute is the LDAP attribute that contains the username
The Attribute ID parameter specifies one of the following, depending on
whether the Attribute is DN? parameter is selected:
• unselected—the name of the LDAP attribute that specifies a group name
• selected—the DN of the LDAP query context
The Attribute ID parameter has the following format:
Note — The 5620 SAM replaces USERNAME with the username supplied
during login in order to perform the lookup.
Note — The user group name that an LDAP server provides must match
the name of a valid 5620 SAM user group, or an authenticated user is
assigned to the default external user group.
Note 1 — The 5620 SAM replaces USERNAME with the username
supplied during login in order to perform the lookup.
Note 2 — You can use {1} as the DN value to specify the FDN obtained
from the LDAP record of the user.
Release 13.0 R2 | May 2015 | 3HE 09815 AAAB TQZZA Edition 01