Specifications
OmniAccess Reference: AOS-W System Reference
80 Part 031652-00 May 2005
Server Name – Specifies a human-readable name used to reference the LDAP server.
Host Name/IP Address – Specifies the IP address of the LDAP server.
Authentication Port – The port on which the LDAP server is configured. The default value is 389.
Base DN – The Distinguished Name of the node that contains the entire user database to be used for user authentication.
Admin DN – A user who has read/search privileges across all the entries in the LDAP database. The user need not have write privileges; the user only needs to be able to search the database and read the attributes of other users in the database.
Admin Password – The password of the “Admin” user defined above.
Key Attribute – The attribute that contains the unique key for the LDAP object. This is the name of the attribute that contains the login ID of the users.
Filter – The filter that is applied when searching for the user in the LDAP database. The default filter string is: “(objectclass=*)”.
Timeout – The amount of time that an LDAP request can go unanswered by the LDAP server before that server is considered down.
Mode – Administratively enables or disables use of this LDAP server.
The equivalent CLI configuration for the example above is:
aaa ldap-server LDAP1
   host 10.1.1.214
   authport 389
   base-dn "cn=Users,dc=lm,dc=Alcatelnetworks,dc=com"
   admin-dn "cn=Alcatel Admin,cn=Users,dc=lm,dc=Alcatelnetworks,dc=com"
   admin-passwd abc10
   key-attribute sAMAccountName
   filter "(objectclass=*)"
   timeout 20
   mode enable
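The following added example (not AOS-W code and not part of the original manual) shows how an LDAP client can turn the Base DN, Key Attribute and Filter settings above into the search that locates a user, with the login ID escaped per RFC 4515 so it is always matched literally. The function names are hypothetical, and ANDing the key-attribute match with the configured filter and searching the whole subtree are assumptions about typical client behaviour, not documented AOS-W behaviour.

```python
# Added illustration; not AOS-W code. Models how an LDAP client can combine the
# Base DN, Key Attribute and Filter settings into one user-lookup search.

# Values copied from the CLI example on this page.
BASE_DN = "cn=Users,dc=lm,dc=Alcatelnetworks,dc=com"
KEY_ATTRIBUTE = "sAMAccountName"
FILTER = "(objectclass=*)"

# RFC 4515: these characters must be written as \XX inside an assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape a login ID so it is matched literally, never parsed as filter syntax."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_user_search(login_id: str, base_dn: str = BASE_DN,
                      key_attribute: str = KEY_ATTRIBUTE,
                      configured_filter: str = FILTER) -> dict:
    """Return the search parameters for one login attempt.

    Assumption: the key-attribute match is ANDed with the configured filter.
    """
    if not login_id:
        raise ValueError("empty login ID")
    if not (configured_filter.startswith("(") and configured_filter.endswith(")")):
        raise ValueError("configured filter must be parenthesised")
    match = f"({key_attribute}={escape_filter_value(login_id)})"
    return {
        "base": base_dn,
        "scope": "subtree",  # assumption: search everything below the Base DN
        "filter": f"(&{match}{configured_filter})",
        "attributes": [key_attribute],
    }


if __name__ == "__main__":
    # Constructed sample login IDs: one ordinary, two containing filter metacharacters.
    for login in ("jdoe", "*", "j)(doe"):
        print(f"{login!r:10} -> {build_user_search(login)['filter']}")
```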
Server Rules
For each authentication server used by the system, a server rule may be
configured to specify how role and VLAN information is determined. Role and
VLAN determination may be done simply by specifying a default value per