Disabling Ldaps - Lenovo Flex System Fabric CN4093 Application Manual

6. Configure the distinguished name (DN) and password (optional).
7. Configure the root DN:
8. Configure the user search attribute (optional):
9. Configure the group search attribute (optional):
10. Configure the login permissions attribute:
11. Configure the group filter attribute (optional):
12. Enable DNS server verification:

Disabling LDAPS

592
CN4093 Application Guide for ENOS 8.4
CN 4093(config)# ldap-server binddn dn "<distinguished name> "
CN 4093(config)# ldap-server binddn key "<password> "
If this is not configured, the switch will use user‐provided login credentials to
bind. A DN will then be constructed from the userʹs login credentials and then
used in the initial BIND attempt.
CN 4093(config)# ldap-server basedn <root DN name>
CN 4093(config)# ldap-server attribute username <search attribute>
If no user search attribute is specified, the default is uid.
CN 4093(config)# ldap-server attribute group <search attribute>
If no group search attribute is specified, the default is memberOf.
CN 4093(config)# ldap-server attribute login-permission <attribute>
Note: If no login permissions attribute is configured, LDAP client will not
function.
CN 4093(config)# ldap-server group-filter <filter attributes separated by comma>
Note: The group filter string must contain no whitespace.
If no group filter attribute is configured, no groups will be filtered and all groups
will be considered in any search.
CN 4093(config)# ldap-server srv
To disable LDAPS, enter:
CN 4093(config)# ldap-server security clear
CN 4093(config)# ldap-server mode legacy
For information about using LDAP in Legacy Mode, see "LDAP Authentication
and Authorization" on page 110.