Table of Contents
Advertisement
netgroup_search =
netgroup_mapattr =
netgroup_mapobjclass =
2.
To set the credential level, enter set cred_level= and one of the following
options:
anonymous - Allows anonymous authentication for access to data available to everyone.
■
self- Provides self-authentication for users based on their identity and credentials. Self-
■
authentication uses Kerberos encryption and the SASL/GSSAPI authentication method.
proxy - Specifies authentication through a proxy for a specific user account.
■
hostname:configuration services ldap> set cred_level=proxy
3.
To set the authorization method, enter set auth_method= and one of the following
options:
- None (use with anonymous)
■
none
- SASL/GSSAPI (use with self)
■
sasl/GSSAPI
- Simple, RFC 4513 (use with proxy)
■
simple
■
sasl/DIGEST-MD5
hostname:configuration services ldap> set auth_method=simple
4.
To enable or disable SSL/TLS, enter set use_tls= and either true or false.
Enabling SSL/TLS is highly recommended when using the simple authentication method so the
user's distinguished name and password are not sent in plain text.
hostname:configuration services ldap> set use_tls=true
5.
If the credential level is set to proxy, enter set proxy_dn= and the distinguished
name of the account used for proxy authentication. Then enter set
proxy_password= and the password for the account.
hostname:configuration services ldap> set proxy_dn=ProxyName
hostname:configuration services ldap> set proxy_password=MyPassword5
proxy_password = *********** (uncommitted)
6.
Enter commit.
hostname:configuration services ldap> commit
cred_level = proxy (uncommitted)
- SASL/DIGEST-MD5 (use with proxy)
auth_method = simple (uncommitted)
use_tls = true (uncommitted)
proxy_dn = ProxyName (uncommitted)
Configuring LDAP Security Settings (CLI)
Appliance Services
289
Advertisement
Table of Contents
