LEGRAND Server Technology PRO3X User Manual page 125

Variables:
<filter> is the user search subfilter you specify.
<bind_DN> is bind DN.
<AD_domain> is the Active Directory Domain.
<verify_cert> is one of the options: true or false.
Option Description
true
Enable the verification of the LDAP server certificate.
false
Disable the verification of the LDAP server certificate.
<allow_exp_cert> is one of the options: true or false.
Option Description
true
Certificates that are either expired or not valid yet are
all accepted.
false
Only valid certificates are accepted.
Illustrations of Adding LDAP Servers
This section shows several LDAP command examples. Those words highlighted in bold are required for their respective
examples.
An OpenLDAP server:
authentication ldap add op-ldap.raritan.com 389 openldap none anonymousBind
dc=raritan,dc=com uid inetOrgPerson
A Microsoft Active Directory server:
authentication ldap add ac-ldap.raritan.com 389 activeDirectory none anonymousBind
dc=raritan,dc=com sAMAccountName user adDomain raritan.com
An LDAP server with a TLS certificate uploaded:
a. Enter the CLI command with the following two TLS-related options set and/or added:
▪ <security> is set to tls or startTls.
▪ The "verifyServerCertificate" parameter is added to the command and set to "true."
authentication ldap add ldap.raritan.com 389 openldap startTls ... inetOrgPerson
verifyServerCertificate true
b. The system now prompts you to enter the certificate's content.
c. Type or copy the certificate's content in the CLI and press Enter.
PRO3X User Guide – Command Line Interface (CLI)
125 of 182
Using the PRO3X Command Line Interface (CLI)