Ldap Server Configuration - Lenovo RackSwitch G8264 Command Reference Manual

LDAP Server Configuration

© Copyright Lenovo 2017
LDAP (Lightweight Directory Access Protocol) is an authentication protocol that
allows a remote access server to forward a userʹs logon password to an
authentication server to determine whether access can be allowed to a given
system.
Table 155.
LDAP Server Configuration Options
Command Syntax and Usage
ldap­server mode {enhanced|legacy}
Configures the LDAP client mode.
legacy ‐ provides LDAP version 1 (LDAPv1) client functionality

enhanced ‐ provides LDAP versions 2 and 3 (LDAPv2, LDAPv3) client

functionality
The default mode is legacy.
Note: When switching between LDAP client modes, LDAP configurations
made before the change are lost.
Command mode: Global configuration
ldap­server attribute group <1‐128 characters>
Configures a customized LDAP group search attribute, where the group
membership information of the user is stored.
The default value is memberOf.
Note: This option is available only in LDAP enhanced mode.
Command mode: Global configuration
no ldap­server attribute group
Resets the LDAP group search attribute to its default value of memberOf.
Note: This option is available only in LDAP enhanced mode.
Command mode: Global configuration
ldap­server attribute login­permission <1‐128 characters>
Configures a customized LDAP login permission attribute, where the user's or
the group's permission string is stored.
The default value is ibm­chassisRole.
Note: This option is available only in LDAP enhanced mode.
Command mode: Global configuration
no ldap­server attribute login­permission
Resets the LDAP login permission attribute to its default value of
ibm­chassisRole.
Note: This option is available only in LDAP enhanced mode.
Command mode: Global configuration
Chapter 4: Configuration Commands
363