Alcatel-Lucent 6600 Switch User Manual


 
Managing Authentication Servers LDAP Servers
OmniSwitch 6600 Family Network Configuration Guide April 2006 page 20-25
Field        Possible Values
accessType   Any one of the following: CONSOLE, MODEM, TELNET, HTTP, FTP, XCAP
ipAddress    The string IP followed by the IP address of the user.
port         (For Authenticated VLAN users only.) The string PORT followed by the slot/port number.
macAddress   (For Authenticated VLAN users only.) The string MAC followed by the MAC address of the user.
vlanList     (For Authenticated VLAN users only.) The string VLAN followed by the list of VLANs the user is authorized (for single-mode authority).
userName     The login name of the user.

For example:
“ASA 0 : CONSOLE IP 65.97.233.108 Jones”

Configuring the LDAP Authentication Client
Use the aaa ldap-server command to configure LDAP authentication parameters on the switch. The
server name, host name or IP address, distinguished name, password, and the search base name are
required for setting up the server. Optionally, a backup host name or IP address may be configured, as
well as the number of retransmit tries, the timeout for authentication requests, and whether Secure
Socket Layer (SSL) is enabled between the switch and the server.
Note. The server should be configured with the appropriate schema before the aaa ldap-server command
is configured.
The keywords for the aaa ldap-server command are listed here:

Required for creating:   optional:
host                     type
dn                       retransmit
password                 timeout
base                     port
                         ssl

Creating an LDAP Authentication Server
An example of creating an LDAP server:
-> aaa ldap-server ldap2 host 10.10.3.4 dn cn=manager password tpub base c=us
In this example, the switch will be able to communicate with an LDAP server (called ldap2) that has an IP
address of 10.10.3.4, a distinguished name (dn) of cn=manager, a password of tpub, and a search base of c=us. These
parameters must match the same parameters configured on the server itself.
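
A check for aaa ldap-server lines in a saved or captured configuration, written here as an added Python example (not code from the manual or from Alcatel-Lucent): it verifies the required keywords listed on this page and reports servers defined without ssl. The "no ssl" negation, a second address after host as the backup host, and the function names are assumptions of this example.

```python
import shlex

# Keyword split as given on this page for the aaa ldap-server command.
REQUIRED = ("host", "dn", "password", "base")
OPTIONAL = ("type", "retransmit", "timeout", "port", "ssl")
KEYWORDS = set(REQUIRED + OPTIONAL)

def parse_ldap_server(line):
    """Return (server_name, {keyword: [values]}) or None if not an aaa ldap-server line."""
    tokens = shlex.split(line.strip().removeprefix("->"))
    if len(tokens) < 3 or tokens[:2] != ["aaa", "ldap-server"]:
        return None
    name, rest, params, current = tokens[2], tokens[3:], {}, None
    for i, tok in enumerate(rest):
        if tok == "no" and rest[i + 1:i + 2] == ["ssl"]:
            current = None  # assumption: "no ssl" is the negated form of the ssl keyword
        elif tok in KEYWORDS:
            current = tok
            negated = tok == "ssl" and i > 0 and rest[i - 1] == "no"
            params[tok] = ["no"] if negated else []
        elif current is not None:
            params[current].append(tok)  # assumption: a 2nd value after host is the backup host
    return name, params

def audit(line):
    """Return a list of findings for one configuration line (empty list = nothing to report)."""
    parsed = parse_ldap_server(line)
    if parsed is None:
        return []
    name, params = parsed
    findings = [f"{name}: ERROR missing required keyword '{k}'"
                for k in REQUIRED if not params.get(k)]
    if params.get("ssl", ["no"]) == ["no"]:
        findings.append(f"{name}: HIGH ssl not enabled, LDAP traffic to the server "
                        "(including the bind password) is unencrypted")
    if len(params.get("host", [])) < 2:
        findings.append(f"{name}: INFO no backup host configured")
    return findings

# Constructed sample configuration; the first line is the example from this page.
SAMPLE = """\
-> aaa ldap-server ldap2 host 10.10.3.4 dn cn=manager password tpub base c=us
-> aaa ldap-server ldap3 host 10.10.3.5 10.10.3.6 dn cn=manager password tpub base c=us ssl
-> aaa ldap-server ldap4 host 10.10.3.7 dn cn=manager no ssl
"""

if __name__ == "__main__":
    for cfg_line in SAMPLE.splitlines():
        for finding in audit(cfg_line):
            print(finding)
```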