Ldap - Juniper MEDIA FLOW CONTROLLER 2.0.4 - ADMINISTRATOR S GUIDE AND CLI Administrator's Manual

Media Flow Controller Administrator's Guide

ldap

ldap
base-dn <string>
bind-dn <string>
bind-password <string>
host <IP_address> order {last | <order_number>}
login-attribute {<string> | uid | sAMAccountName}
port <port>
scope {one-level | subtree}
timeout <seconds>
version {2 | 3}
Notes:
•
base-dn
server's schema. This is a string like ou=users,dc=example,dc=com, with no spaces.
•
bind-dn
empty for anonymous login (the default).
•
bind-password
anonymous login (bind-dn is ""), also let this be empty (the default).
•
host <IP_address>
servers are tried in the order they appear in the server list. New servers are added to the
end of the list of servers by default. You can use the <order_number> argument for
control over server placement in the list. If no ldap host <ip-address> is specified, the
host is removed from the list. The special keyword "last" moves the specified server to be
last to be tried
•
last
•
<order_number>
the given order number. Other LDAP servers as moved as required. The order
numbering starts at 1.
•
login-attribute
no variant resets to the default, sAMAccountName.
•
<string>
•
uid
•
sAMAccountName
login name. This is the default login-attribute value.
•
—Set the port on the LDAP server to connect to for authentication. The no variant
port
resets it to the default, port 389.
•
scope
default, subtree.
•
one-level
•
subtree
•
timeout <seconds>
timeout for all LDAP servers. Default is 5. Range is 1-60.
—Set the base distinguished name (location) of the user information in the LDAP
—Enter the distinguished name to bind to the LDAP server. This can be left
—Enter the password used when binding to the LDAP server. With
—Add an LDAP server to the set of servers used for authentication;
—Move the server to the end of the server list.
—Move or add an LDAP server such that the specified server has
—Set the attribute name that contains the login name of the user. The
—Enter a string for the attribute name that contains the user login name.
—Specify that the uid LDAP attribute contains the user login name.
—Specify that the sAMAccountName attribute contains the user
—Set the search scope for the user under the base-dn. The no variant resets to the
—Search the immediate children of the base-dn.
—Search at the base-dn and all its children.
—Set (or reset to the default with no) a global communication
Media Flow Controller CLI Commands
ldap 327