Operation Manual

ManualsBrandsTrapeze smart mobile ManualsSoftwareMobility System Software 7.3

431

432

433

434

435

436

437

438

439

440

RADIUS, LDAP, and Server Groups Commands

17 – 429

Examples

To add LDAP server, testldap, to the server group, corpldap, use the following

command:

MX# set ldap server group corpldap members testldap

success: change accepted.

set ldap server group load-balance

Allows you to balance traffic between LDAP server groups on your network.

Syntax

set ldap server group server-group-name load-balance [enable | disable]

Defaults

None

Access

Enabled

History

Introduced in MSS 7.1

Examples

To configure load balancing on the server group corplap, use the following command:

MX# set ldap server group corpldap load-balance enable

success: change accepted.

set radius

Configures global defaults for RADIUS servers that do not explicitly set these values themselves.

By default, the MX automatically sets all these values except the password (key).

Syntax

set radius {author-password use-mac-address | deadtime minutes | das-port

port encrypted-key string | key string | [mac-addr-format [colons | hyphens |

one-hypen | raw]] retransmit number | timeout seconds}

author-password

use-mac-address

Set this option to send the user mac-address as the password.

das-port port Set the dynamic authorization port for all DACs. The value can be 1, 65535, or

3799.

deadtime minutes Number of minutes the MX waits after declaring an unresponsive RADIUS

server unavailable before retrying the RADIUS server. You can specify from

0 to 1440 minutes.

encrypted-key string Password (shared secret key) used to authenticate to the RADIUS server,

entered in its encrypted form. You must provide the same encrypted password

that is defined on the RADIUS server. The password can be 1 to 64 characters

long, with no spaces or tabs.

MSS does not encrypt the string you enter, and instead displays the string in

show config and show aaa output exactly as you entered it.

Note: Use this option only if you are entering the key in the encrypted

form. To enter the key in unencrypted form, use the key string option

instead.

key string Password (shared secret key) used to authenticate to the RADIUS server,

entered in its unencrypted form. You must provide the same password that is

defined on the RADIUS server. The password can be 1 to 64 characters long,

with no spaces or tabs.

MSS encrypts the displayed form of the string in show config and show aaa

output.

Note: Use this option only if you are entering the key in the

unencrypted form. To enter the key in encrypted form, use the

encrypted-key string option instead.