TABLE 2-6 LDAP Administration (Continued)

Item: Certificate chain
Description: Imports the certificate chain of an LDAP server. Import a certificate chain as follows:
• Import a secure copy (scp) from a remote file.
• Establish a connection to the target LDAP server, and import the certificate chain from the server.
Command operation (shell command): setldap
Remarks:
• The certificate chain must be in PEM format. (Note 1)
• A password may need to be entered to import an scp from a remote file.

Item: LDAP server/port
Description: Specify the IP addresses and port numbers of the primary and secondary LDAP servers. Specify IP addresses or host names for the addresses. (e.g. ldap://foobar.east, ldaps://10.8.31.14:636)
Command operation (shell command): setldap
Remarks:
• The default LDAP port number is 636 for ldaps, 389 for ldap when the port number is not specified.
• If LDAP server name is specified, the server name maximum length is 128 characters.

Item: Timeout
Description: Sets the maximum time (seconds) allowed for an LDAP search.
Command operation (shell command): setldap

Item: LDAP test
Description: Tests the connection to an LDAP server.
Command operation (shell command): setldap

Note – PEM: Abbreviation for Privacy Enhanced Mail. Mail to be sent is encrypted for increased privacy.

■ Enabling or Disabling the LDAP Server

1. Use the showlookup(8) command to display the lookup method of authentication and user privileges.

XSCF> showlookup
Privileges lookup: Local only
Authentication lookup: Local and LDAP
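
The address and certificate rules in Table 2-6 (default ports 636 and 389, the 128-character server-name limit, a PEM-format chain) can be checked on a workstation before the values are entered with setldap. This is an added example, not code from the manual or from XSCF; the names check_server and count_pem_certs and the warning texts are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

DEFAULT_PORTS = {"ldaps": 636, "ldap": 389}  # defaults stated in Table 2-6
MAX_NAME_LEN = 128                           # server-name limit from Table 2-6
PEM_CERT = re.compile(
    r"-----BEGIN CERTIFICATE-----\s+[A-Za-z0-9+/=\s]+?-----END CERTIFICATE-----")


def check_server(uri):
    """Return (scheme, host, port, warnings) for one LDAP server address."""
    parts = urlsplit(uri.strip())
    if parts.scheme not in DEFAULT_PORTS:
        raise ValueError(f"{uri!r}: scheme must be ldap:// or ldaps://")
    host = parts.hostname
    if not host:
        raise ValueError(f"{uri!r}: missing host name or IP address")
    if len(host) > MAX_NAME_LEN:
        raise ValueError(f"{uri!r}: server name exceeds {MAX_NAME_LEN} characters")
    # parts.port raises ValueError itself when the port is not a valid number.
    port = parts.port if parts.port is not None else DEFAULT_PORTS[parts.scheme]
    warnings = []
    if parts.scheme == "ldap":
        warnings.append("ldap:// selected: the connection is not LDAPS")
    elif port == 389:
        warnings.append("ldaps:// on port 389: confirm the server speaks TLS there")
    return parts.scheme, host, port, warnings


def count_pem_certs(text):
    """Count PEM certificate blocks in a chain file's text; 0 means not PEM."""
    return len(PEM_CERT.findall(text))


if __name__ == "__main__":
    # The two example addresses printed in Table 2-6.
    for uri in ("ldap://foobar.east", "ldaps://10.8.31.14:636"):
        print(uri, "->", check_server(uri))
    # Constructed two-certificate chain; the bodies are placeholders, not real keys.
    block = "-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n"
    print("certificates in chain:", count_pem_certs(block * 2))
```

A count of 0 from count_pem_certs usually means the file is DER-encoded or holds something other than certificates, and should be converted or replaced before import.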
Chapter 2 Setting Up XSCF