Motorola WS5100 Series Migration Giude page 137

Parameter Used
LDAP Server IP (host)
LDAP Password Attribute
(passwd-attr)
LDAP Group Name
Attribute (group-attr)
LDAP Group Membership
Filter (group-filter)
LDAP Group Membership
Attribute
(group-membership)
1. Use the following WS5100 CLI command to populate LDAP configuration to access Active Directory.
WS5100(config-radsrv)#ldap-server primary host 192.192.4.42 port 389 login
(sAMAccountName=%{Stripped-User-Name:-%{User-Name}}) bind-dn
cn=blradmin,ou=WID,dc=TV LAB01,dc=com base-dn ou=WID,dc=TVLAB01,dc=com passwd
Symbol123 passwd-attr UserPaswword group-attr cn group-filter
(|(&(objectClass=group)(member=%{Ldap-UserDn}))
(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn}))) group-
membership radiusGroupName
2. Use the following CLI command to view LDAP configuration.
WS5100(config)#show ldap configuration primary
Primary LDAP server configuration
_________________________________
IP Address
Port
Login
Bind DN
Base DN
Password
Password Attribute
Group Name
Group Membership Filter: (|(&(objectClass=group)(member=%{Ldap-
UserDn}))
(&(objectClass=GroupOfUniqueNames)(uniquemember=%{Ldap-UserDn})))
Group Member Attr
Net timeout
Value
192.192.4.42
UserPassword
cn
(|(&(objectClass=group)(member=%{
Ldap-UserDn}))(&
(objectClass=GroupOfUniqueNames)
(uniquemember=%{Ldap-UserDn})))
radiusGroupName
: 192.192.4.42
: 389
: (sAMAccountName=%{Stripped-User-Name:-%{User-Na
me}})
: cn=blradmin,ou=WID,dc=TVLAB01,dc=com
: ou=WID,dc=TVLAB01,dc=com
: 0 Symbol123
: UserPaswword
: cn
: radiusGroupName
: 1 second(s)
Description
The IP address of the server PC running the Active
Directory Service.
This password attribute is used by the LDAP
server for authentication.
This group attribute is used by the LDAP server.
Group filters used by the LDAP server.
Group Member Attribute thats sent to LDAP
server when authenticating the users.
9-17
Radius