Installing and Configuring Cisco Access Registrar, 4.2
OL-17221-02
Chapter 5 Customizing Your Configuration
Configuring a Remote Server for AA
Step 5 Use the set command to specify the protocol ldap:
set protocol ldap
Step 6 Use the set command to specify the required LDAP properties.
At the very least you must specify:
• IPAddress—the IP address of the LDAP server (for example, 196.168.1.5).
• Port—the port the LDAP server is listening on (for example, 389).
• HostName—the hostname of the machine specified in the IP address field (for example, ldap1.QuickExample.com).
• SearchPath—the directory in the LDAP database to use as the starting point when searching for user information (for example, o=Ace Industry, c=US).
• Filter—the filter to use to find user entries in the LDAP database (for example, (uid=%s)).
• UserPasswordAttribute—the name of the LDAP attribute in a user entry that contains the user’s password (for example, userpassword).
• BindName—specifies the distinguished name (DN) in the LDAP server for CAR to bind with the LDAP server (for example, uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot).
• BindPassword—specifies the password for the distinguished name (for example, cisco123).
set IPAddress 196.168.1.5
set Port 389
set HostName ldap1.QuickExample.com
set SearchPath "o=Ace Industry, c=US"
set Filter (uid=%s)
set UserPasswordAttribute password
set BindName uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
set BindPassword cisco123
See Table 19-1, LDAP Service Properties, page 19-2 of the Cisco Access Registrar User Guide for descriptions of the other LDAP properties.
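A pre-flight check for the set commands in Step 6, as an added example that is not part of the Cisco guide or of Access Registrar: it parses a draft list of commands, confirms the eight minimum properties are present and well-formed, and flags a BindPassword left at the guide's sample value. The function names, the case-insensitive matching of property names, and the DRAFT input are assumptions of this example.

```python
import ipaddress
import shlex

# Minimum properties Step 6 lists for an LDAP remote server.
REQUIRED = ("IPAddress", "Port", "HostName", "SearchPath", "Filter",
            "UserPasswordAttribute", "BindName", "BindPassword")
SAMPLE_BIND_PASSWORD = "cisco123"  # the guide's example value

def parse_set_commands(text):
    """Collect 'set <Property> <value>' lines into a dict keyed by lower-cased name."""
    props = {}
    for line in text.splitlines():
        parts = shlex.split(line)  # honours quotes around values containing spaces
        if len(parts) >= 3 and parts[0] == "set":
            props[parts[1].lower()] = " ".join(parts[2:])
    return props

def check_ldap_remote_server(text):
    """Return a list of problems in the LDAP 'set' commands (empty if none)."""
    props = parse_set_commands(text)
    problems = [f"missing {name}" for name in REQUIRED if name.lower() not in props]
    port = props.get("port")
    if port is not None and not (port.isdigit() and 0 < int(port) < 65536):
        problems.append(f"Port is not a TCP port number: {port}")
    ip = props.get("ipaddress")
    if ip is not None:
        try:
            ipaddress.ip_address(ip)
        except ValueError:
            problems.append(f"IPAddress is not an IP address: {ip}")
    flt = props.get("filter")
    if flt is not None:
        if "%s" not in flt:
            problems.append("Filter has no %s placeholder")
        if not (flt.startswith("(") and flt.endswith(")")
                and flt.count("(") == flt.count(")")):
            problems.append("Filter parentheses are unbalanced")
    if props.get("bindpassword") == SAMPLE_BIND_PASSWORD:
        problems.append("BindPassword is still the guide's sample value")
    return problems

# Constructed input: the guide's commands with HostName dropped,
# a non-numeric Port and an unclosed Filter.
DRAFT = '''set IPAddress 196.168.1.5
set Port ldap
set SearchPath "o=Ace Industry, c=US"
set Filter (uid=%s
set UserPasswordAttribute password
set BindName uid=admin,ou=administrators,ou=topologymanagement,o=netscaperoot
set BindPassword cisco123'''

if __name__ == "__main__":
    for problem in check_ldap_remote_server(DRAFT):
        print(problem)
```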
Configuring Services
To use LDAP for authorization and/or authentication, you must configure a Services object.