Technical data

BLADE OS 5.1 Application Guide

BMD00136, November 2009 Chapter 1: Accessing the Switch

 35

Configuring the LDAP Server

G8000 user groups and user accounts must reside within the same domain. On the LDAP server,

configure the domain to include G8000 user groups and user accounts, as follows:

 User Accounts:

Use the uid attribute to define each individual user account.

 User Groups:

Use the members attribute in the groupOfNames object class to create the user groups. The first

word of the common name for each user group must be equal to the user group names defined

in the G8000, as follows:

 admin

 oper

 user

Configuring LDAP Authentication on the Switch

1. Turn LDAP authentication on, then configure the Primary and Secondary LDAP servers.

2. Configure the domain name.

3. If desired, you may change the default TCP port number used to listen to LDAP.

The well-known port for LDAP is 389.

4. Configure the number of retry attempts for contacting the LDAP server, and the timeout period.

>> # ldap-server enable

>> # ldap-server primary-host 10.10.1.1

>> # ldap-server secondary-host 10.10.1.2

>> # ldap-server domain ou=people,dc=mydomain,dc=com

>> # ldap-server port <1-65000>

>> # ldap-server retransmit <1-3>

>> # ldap-server timeout <4-15>