Managing Authentication Servers
LDAP Servers
OmniSwitch 6600 Family Network Configuration Guide
April 2006

Field        Possible Values
accessType   Any one of the following: CONSOLE, MODEM, TELNET, HTTP, FTP, XCAP
ipAddress    The string IP followed by the IP address of the user.
port         (For Authenticated VLAN users only.) The string PORT followed by the slot/port number.
macAddress   (For Authenticated VLAN users only.) The string MAC followed by the MAC address of the user.
vlanList     (For Authenticated VLAN users only.) The string VLAN followed by the list of VLANs the user is authorized (for single-mode authority).
userName     The login name of the user.

For example:
"ASA 0 : CONSOLE IP 65.97.233.108 Jones"

Configuring the LDAP Authentication Client
Use the aaa ldap-server command to configure LDAP authentication parameters on the switch. The
server name, host name or IP address, distinguished name, password, and the search base name are
required for setting up the server. Optionally, a backup host name or IP address may be configured, as
well as the number of retransmit tries, the timeout for authentication requests, and whether or not
Secure Socket Layer (SSL) is enabled between the switch and the server.

Note. The server should be configured with the appropriate schema before the aaa ldap-server command
is configured.

The keywords for the aaa ldap-server command are listed here:
Required for creating: host, dn, password, base
Optional: type, retransmit, timeout, port, ssl

Creating an LDAP Authentication Server
An example of creating an LDAP server:
-> aaa ldap-server ldap2 host 10.10.3.4 dn cn=manager password tpub base c=us
In this example, the switch will be able to communicate with an LDAP server (called ldap2) that has an IP
address of 10.10.3.4, a distinguished name of cn=manager, a password of tpub, and a search base of c=us.
These parameters must match the same parameters configured on the server itself.
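The following Python audit is an added example, not part of the guide: it reads saved aaa ldap-server lines, checks that the four required keywords listed above are present, and flags servers defined without ssl. It assumes that ssl is a valueless flag with a "no ssl" disable form and that a backup host follows the primary one after host; the ldap3 and ldap4 lines are constructed sample input.

```python
import shlex

REQUIRED = ("host", "dn", "password", "base")                # keywords the page lists as required
OPTIONAL = ("type", "retransmit", "timeout", "port", "ssl")  # keywords the page lists as optional
KEYWORDS = set(REQUIRED) | set(OPTIONAL)

def parse_ldap_server(line):
    """Return (server_name, {keyword: values}) for an 'aaa ldap-server' line, else None."""
    tokens = shlex.split(line.strip().removeprefix("->"))
    if len(tokens) < 3 or tokens[:2] != ["aaa", "ldap-server"]:
        return None
    name, rest, params, current, i = tokens[2], tokens[3:], {}, None, 0
    while i < len(rest):
        tok = rest[i]
        if tok == "no" and rest[i + 1:i + 2] == ["ssl"]:  # assumed 'no ssl' disable form
            params["ssl"], current = False, None
            i += 1
        elif tok == "ssl":                                 # assumed valueless flag
            params["ssl"], current = True, None
        elif tok in KEYWORDS:                              # start collecting this keyword's values
            current = tok
            params[current] = []
        elif current is not None:                          # e.g. a backup host after 'host'
            params[current].append(tok)
        i += 1
    return name, params

def audit(config_text):
    """Return (server_name, finding) pairs for every 'aaa ldap-server' line in the text."""
    findings = []
    for line in config_text.splitlines():
        parsed = parse_ldap_server(line)
        if parsed is None:
            continue
        name, params = parsed
        missing = [k for k in REQUIRED if not params.get(k)]
        if missing:
            findings.append((name, "missing required: " + ", ".join(missing)))
        if not params.get("ssl"):
            findings.append((name, "ssl not enabled: switch-to-server LDAP traffic is unprotected"))
    return findings

# First line is the page's own example; the other two are constructed for illustration.
SAMPLE = """\
-> aaa ldap-server ldap2 host 10.10.3.4 dn cn=manager password tpub base c=us
-> aaa ldap-server ldap3 host 192.0.2.10 192.0.2.11 dn cn=manager password EXAMPLE base c=us ssl
-> aaa ldap-server ldap4 host 192.0.2.20 dn cn=manager base c=us no ssl
"""

if __name__ == "__main__":
    for server, finding in audit(SAMPLE):
        print(f"{server}: {finding}")
```

Run against the sample, the page's own ldap2 line is reported because it defines the server without ssl, so the manager bind password crosses the network without SSL protection.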