HP MSR Series Configuration Manual page 60

Step
3. Configure a mapping
entry.
Creating an LDAP scheme
You can configure a maximum of 16 LDAP schemes. An LDAP scheme can be used by multiple ISP
domains.
To create an LDAP scheme:
Step
1. Enter system view.
2. Create an LDAP scheme
and enter LDAP scheme
view.
Specifying the LDAP authentication server
Step
1. Enter system view.
2. Enter LDAP scheme view.
3. Specify the LDAP
authentication server.
Specifying the LDAP authorization server
Step
1. Enter system view.
2. Enter LDAP scheme view.
3. Specify the LDAP
authorization server.
Specifying an LDAP attribute map for LDAP authorization
Specify an LDAP attribute map for LDAP authorization to convert LDAP attributes obtained from the
LDAP authorization server to device-recognizable AAA attributes.
You can specify only one LDAP attribute map in an LDAP scheme.
To specify an LDAP attribute map for LDAP authorization:
Step
1. Enter system view.
2. Enter LDAP scheme view.
3. Specify an LDAP attribute
map.
Command
map ldap-attribute
ldap-attribute-name [ prefix
prefix-value delimiter
delimiter-value ] aaa-attribute
{ user-group | user-profile }
Command
system-view
ldap scheme
ldap-scheme-name
Command
system-view
ldap scheme ldap-scheme-name
authentication-server
server-name
Command
system-view
ldap scheme ldap-scheme-name
authorization-server
server-name
Command
system-view
ldap scheme ldap-scheme-name
attribute-map map-name
45
Remarks
By default, a new LDAP attribute
map does not have a mapping entry.
Repeat this command to configure
multiple mapping entries.
Remarks
N/A
By default, no LDAP scheme is defined.
Remarks
N/A
N/A
By default, no LDAP authentication
server is specified.
Remarks
N/A
N/A
By default, no LDAP authorization
server is specified.
Remarks
N/A
N/A
By default, no LDAP attribute map is
specified.