Fujitsu SPARC Enterprise M3000 Xscf Reference Manual page 239

OPERANDS The following operands are supported:
enable|disable
loadcert
rmcert
group administrator
group operator
group custom
userdomain
defaultrole
timeout
When used with no other operands, enable or disable
LDAP/SSL.
loadcert console prompts for certificate information to
be entered at the console. Use this command to paste
certificate information copied from a file. Terminate input
with CTRL-D.
loadcert URI loads a certificate file for the LDAP/SSL
server. Supported formats for URI are:
http://server[:port]/path/file
https://server[:port]/path/file
ftp://server[:port]/path/file
file:///media/usb_msd/path/file
Delete certificate for an LDAP/SSL server. strictcertmode
must be in the disabled state for a certificate to be
removed.
Assign group name for up to five specified administrator
groups. The administrator group has platadm, useradm,
and auditadm privileges and you cannot change that.
Assign group name for up to five specified operator
groups. The operator group has platop and auditop
privileges and you cannot change that.
Assign group name and privileges for up to five groups.
Configure the user domain. See EXAMPLE 6, below, for
important information.
Configure default privileges. If defaultrole is configured,
users have privileges as specified by defaultrole after
authentication; user group membership is not checked. If
defaultrole is not configured, users' privileges will be
learned from the LDAP/SSL server based on group
membership.
Configure transaction timeout, in seconds. seconds can be
1 to 20. The default is 4. If the specified timeout is too
brief for the configuration, the login process or retrieval of
user privilege settings could fail.
setldapssl(8)
System Administration 225