Ldap Commands; Attribute-Map - H3C MSR Series Command Reference Manual

Parameters
vpn-instance-name: Specifies an MPLS L3VPN instance by the name, a case-sensitive string of 1 to
31 characters.
Usage guidelines
The VPN instance specified for an HWTACACS scheme applies to all servers in that scheme. If a
VPN instance is also configured for an individual HWTACACS server, the VPN instance specified for
the HWTACACS scheme does not take effect on that server.
Examples
# Specify VPN instance test for HWTACACS scheme hwt1.
<Sysname> system-view
[Sysname] hwtacacs scheme hwt1
[Sysname-hwtacacs-hwt1] vpn-instance test
Related commands
display hwtacacs scheme

LDAP commands

attribute-map

Use attribute-map to specify the LDAP attribute map in an LDAP scheme.
Use undo attribute-map to restore the default.
Syntax
attribute-map map-name
undo attribute-map
Default
An LDAP scheme does not use any LDAP attribute map.
Views
LDAP scheme view
Predefined user roles
network-admin
Parameters
map-name: Specifies an LDAP attribute map by its name, a case-insensitive string of 1 to 31
characters.
Usage guidelines
When the LDAP scheme used for authorization contains an LDAP attribute map, the device converts
server-assigned LDAP attributes to device-recognizable AAA attributes based on the mapping
entries.
You can specify only one LDAP attribute map in an LDAP scheme. If you execute this command
multiple times, the most recent configuration takes effect.
If you specify another attribute map or change the mapping entries, the new settings are effective
only on the LDAP authorization that occurs after your operation.
Examples
# Specify LDAP attribute map map1 in LDAP scheme test.
140