Operation Manual
RADIUS, LDAP, and Server Groups Commands
Mobility System Software Command Reference Guide
Version 7.3
Syntax
set ldap [auth-port port] [base-dn basedn]
[bind-mode simple-auth | sasl-md5] [deadtime mins]
[mac-addr-format hyphens | colons | one-hyphen | raw] [timeout seconds]
Defaults
None
Access
Enabled
History
Introduced in MSS 7.1
set ldap server
Add LDAP servers to your network configuration as an authentication method.
Syntax
set ldap server server-name address ip-address
Defaults
None
Access
Enabled
History
Introduced in MSS 7.1
Examples
To add an LDAP server with the IP address 10.1.1.1 to the configuration, enter the
following command:
MX# set ldap server corpnet address 10.1.1.1
success: change accepted.
set ldap server group
Add LDAP servers to a group for redundancy on the network.
Syntax
set ldap server group server-group-name members member-name
Defaults
None
Access
Enabled
History
Introduced in MSS 7.1
Usage
LDAP server groups provide redundancy and load balancing on the network. You can
configure up to four LDAP server groups.
Parameters for set ldap:
auth-port port
    The designated port used for LDAP authentication.
base-dn basedn
    The suffix to be appended to a Domain Name.
bind-mode simple-auth | sasl-md5
    The binding mode for authentication. Select one of the following:
    ❑ simple-auth — a request for authentication is sent with the
      user's credentials.
    ❑ sasl-md5 — a response is sent with a sasl-md5 challenge.
deadtime mins
    The deadtime can be configured in minutes with a range of 0 to
    1440 minutes. The default value is five minutes.
mac-addr-format hyphens | colons | one-hyphen | raw
    Authentication requires a corresponding MAC address from the
    client.
timeout seconds
    Configure a length of time that a client can be idle on the
    network. It can be a value from 1 second to 65535 seconds. The
    default value is five seconds.
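Added example (not from the manual or from MSS itself): a Python illustration of what each bind-mode value sends to the LDAP server. It assumes sasl-md5 refers to SASL DIGEST-MD5 (RFC 2831); the function names are hypothetical, the bind DN is constructed, and the other sample values are the worked exchange in RFC 2831 section 4.

```python
"""What each bind-mode puts on the wire (added illustration).

Assumption: sasl-md5 means SASL DIGEST-MD5 (RFC 2831). Function names are
hypothetical; sample values are the worked exchange in RFC 2831 section 4.
"""
import hashlib


def _md5(data: bytes) -> bytes:
    return hashlib.md5(data).digest()


def simple_bind_payload(bind_dn: str, password: str) -> dict:
    """Simple bind: the DN and the password itself go to the server."""
    return {"name": bind_dn, "simple": password}


def digest_md5_response(username, realm, password, nonce, cnonce,
                        digest_uri, nc="00000001", qop="auth") -> str:
    """DIGEST-MD5 'response' value per RFC 2831 section 2.1.2.1.

    Only this hash is sent; the password never leaves the client.
    """
    # A1 binds the secret to the server nonce and the client nonce, so a
    # captured response cannot be replayed against a fresh challenge.
    a1 = (_md5(f"{username}:{realm}:{password}".encode())
          + f":{nonce}:{cnonce}".encode())
    a2 = f"AUTHENTICATE:{digest_uri}".encode()
    ha1, ha2 = _md5(a1).hex(), _md5(a2).hex()
    return _md5(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}".encode()).hex()


def password_visible(payload: dict, password: str) -> bool:
    """True if the cleartext password appears in any payload field."""
    return any(password in str(v) for v in payload.values())


RFC_SAMPLE = ("chris", "elwood.innosoft.com", "secret", "OA6MG9tEQGm2hh",
              "OA6MHXh6VqTrRk", "imap/elwood.innosoft.com")

if __name__ == "__main__":
    # Constructed bind DN, for illustration only.
    simple = simple_bind_payload("cn=chris,dc=example,dc=com", "secret")
    digest = {"response": digest_md5_response(*RFC_SAMPLE)}
    print("simple-auth exposes password:", password_visible(simple, "secret"))
    print("sasl-md5 exposes password:  ", password_visible(digest, "secret"))
    print("digest response:", digest["response"])
```

With simple-auth the password is only as protected as the link to the LDAP server; DIGEST-MD5 keeps it off the wire but was moved to Historic status by RFC 6331.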