Ldap Servers; Setting Up The Ldap Authentication Server; Ldap Server Details - Alcatel OmniSwitch 6624 Network Configuration Manual


Managing Authentication Servers

LDAP Servers

Lightweight Directory Access Protocol (LDAP) is a standard directory server protocol. The LDAP client in the switch is based on several RFCs: 1798, 2247, 2251, 2252, 2253, 2254, 2255, and 2256. The protocol was developed as a way to use directory services over TCP/IP and to simplify the directory access protocol (DAP) defined as part of the Open Systems Interconnection (OSI) effort. Originally it was a front-end for X.500 DAP.

The protocol synchronizes and governs the communications between the LDAP client and the LDAP server. The protocol also dictates how its databases of information, which are normally stored in hierarchical form, are searched, from the root directory down to distinct entries.

In addition, LDAP has its own format that permits LDAP-enabled Web browsers to perform directory searches over TCP/IP.

Setting Up the LDAP Authentication Server

1. Install the directory server software on the server.

2. Copy the relevant schema LDIF files from the Alcatel software CD to the configuration directory on the server. (Each server type has a command line tool or a GUI tool for importing LDIF files.) Database LDIF files may also be copied and used as templates. The schema files and the database files are specific to the server type. The files available on the Alcatel software CD include the following:

   aaa_schema.microsoft.ldif
   aaa_schema.netscape.ldif
   aaa_schema.novell.ldif
   aaa_schema.openldap.schema
   aaa_schema.sun.ldif
   aaa_database.microsoft.ldif
   aaa_database.netscape.ldif
   aaa_database.novell.ldif
   aaa_database.openldap.ldif
   aaa_database.sun.ldif

3. After the server files have been imported, restart the server.
Note. Schema checking should be enabled on the server.

Information in the server files must match information configured on the switch through the aaa ldap-server command. For example, the port number configured on the server must be the same as the port number configured on the switch. See "Configuring the LDAP Authentication Client" on page 17-25 for information about using this command.

LDAP Server Details

LDAP servers must be configured with the properly defined LDAP schema and correct database suffix, including well-populated data. LDAP schema is extensible, permitting entry of user-defined schema as needed.

OmniSwitch 6624/6648 Network Configuration Guide, April 2004, page 17-15
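The requirement above that the server files match the switch configuration and carry the correct database suffix can be checked before a database LDIF template is imported. The following is an added example, not taken from the Alcatel manual or software CD: the function names, the sample LDIF, and the suffix o=example.com are constructed assumptions, and DN normalization is simplified (no escaped commas).

```python
import base64

def parse_dns(ldif_text):
    """Return the DN of every entry, handling RFC 2849 line folding and base64 'dn::'."""
    lines = []
    for raw in ldif_text.splitlines():
        # A line that starts with a single space continues the previous line.
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    dns = []
    for line in lines:
        if line.lower().startswith("dn::"):
            dns.append(base64.b64decode(line[4:].strip()).decode("utf-8"))
        elif line.lower().startswith("dn:"):
            dns.append(line[3:].strip())
    return dns

def normalize(dn):
    """Case-fold and trim each RDN (simplified: assumes no escaped commas)."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def entries_outside_suffix(ldif_text, expected_suffix):
    """List DNs that are not at or under the suffix the switch is expected to use."""
    base = normalize(expected_suffix)
    bad = []
    for dn in parse_dns(ldif_text):
        n = normalize(dn)
        # Require a comma boundary so 'o=notexample.com' does not match 'o=example.com'.
        if n != base and not n.endswith("," + base):
            bad.append(dn)
    return bad

# Constructed sample; the real aaa_database.*.ldif contents are not shown on this page.
_B64_DN = base64.b64encode(b"uid=ops1,ou=People,o=other.org").decode()
SAMPLE_LDIF = (
    "version: 1\n\n"
    "dn: o=example.com\nobjectClass: organization\n\n"
    "dn: uid=admin1,ou=People,\n o=Example.com\nobjectClass: person\n\n"
    "dn:: " + _B64_DN + "\nobjectClass: person\n"
)

if __name__ == "__main__":
    for dn in entries_outside_suffix(SAMPLE_LDIF, "o=example.com"):
        print("entry outside expected suffix:", dn)
```

An entry reported here would be imported under a different suffix than the one assumed for the switch, so lookups for that user would not find it.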
