
Local – Brocade Mobility RFS Controller CLI Reference Guide (Supporting software release 5.5.0.0 and later) User Manual


53-1003098-01


Example

rfs7000-37FABE(config-radius-server-policy-test)#ldap-server dead-period 100

rfs7000-37FABE(config-radius-server-policy-test)#ldap-server primary host 172.16.10.19 port 162 login motorolasol bind-dn bind-dn1 base-dn base-dn1 passwd 0 motorolasol@123 passwd-attr moto123 group-attr group1 group-filter groupfilter1 group-membership groupmembership1 net-timeout 2

rfs7000-37FABE(config-radius-server-policy-test)#

rfs7000-37FABE(config-radius-server-policy-test)#show context

radius-server-policy test

authentication eap-auth-type tls

crl-check

ldap-server primary host 172.16.10.19 port 162 login "motorolasol" bind-dn "bind-dn1" base-dn "base-dn1" passwd 0 motorolasol@123 passwd-attr moto123 group-attr group1 group-filter "groupfilter1" group-membership groupmembership1 net-timeout 2

ldap-server dead-period 100

rfs7000-37FABE(config-radius-server-policy-test)#

Related Commands:

local

radius-server-policy

Configures a local RADIUS realm on this RADIUS server policy

When the local RADIUS server receives a request for a user name with a realm, the server
references a table of realms. If the realm is known, the server proxies the request to the RADIUS
server.

Supported in the following platforms:

Access Points — Brocade Mobility 650 Access Point, Brocade Mobility 6511 Access Point,
Brocade Mobility 1220 Access Point, Brocade Mobility 71XX Access Point, Brocade
Mobility 1240 Access Point

passwd-attr

Specify the LDAP server password attribute (should not exceed 63 characters).

group-attr

Specify a name to configure group attributes (should not exceed 31 characters).
LDAP systems have the facility to poll dynamic groups. In an LDAP dynamic group an administrator can
specify search criteria. All users matching the search criteria are considered a member of this dynamic
group. Specify a group attribute used by the LDAP server. An attribute could be a group name, group ID,
password or group membership name.

group-filter

Specify a name for the group filter attribute (should not exceed 255 characters).
This filter is typically used for security role-to-group assignments and specifies the property to look up
groups in the directory service.

group-membership

Specify a name for the group membership attribute (should not exceed 63 characters).
This attribute is sent to the LDAP server when authenticating users.

net-time <1-10>

Optional. Select a value from 1 - 10 to configure the network timeout (number of seconds to wait for a
response from the target primary or secondary LDAP server). The default is 10 seconds.

no

Disables the LDAP server parameters
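
An added example, not part of the Brocade guide: a Python check that parses the ldap-server lines of show context output and reports a cleartext bind password or values outside the limits given in the parameter descriptions above. It assumes the digit after passwd is a type marker (0 for cleartext, 2 for encrypted); the function names are hypothetical.

```python
import re
import shlex

# Constructed sample: the show context output from this page's example.
SAMPLE_CONTEXT = """radius-server-policy test
 authentication eap-auth-type tls
 crl-check
 ldap-server primary host 172.16.10.19 port 162 login "motorolasol" bind-dn "bind-dn1" base-dn "base-dn1" passwd 0 motorolasol@123 passwd-attr moto123 group-attr group1 group-filter "groupfilter1" group-membership groupmembership1 net-timeout 2
 ldap-server dead-period 100
"""

# Maximum lengths taken from the parameter descriptions on this page.
MAX_LEN = {"passwd-attr": 63, "group-attr": 31, "group-filter": 255, "group-membership": 63}
KEYWORDS = set(MAX_LEN) | {"host", "port", "login", "bind-dn", "base-dn", "passwd", "net-timeout"}

def parse_ldap_server(line):
    """Turn one 'ldap-server primary|secondary ...' line into a keyword -> value dict."""
    tokens = shlex.split(line)  # honours the quoting used by show context
    fields, i = {"role": tokens[1]}, 2
    while i < len(tokens):
        key = tokens[i]
        # Assumption: a 0 or 2 after passwd is a type marker (0 cleartext, 2 encrypted).
        if key == "passwd" and i + 2 < len(tokens) and tokens[i + 1] in ("0", "2"):
            fields["passwd-type"], fields["passwd"] = tokens[i + 1], tokens[i + 2]
            i += 3
        elif key in KEYWORDS and i + 1 < len(tokens):
            fields[key] = tokens[i + 1]
            i += 2
        else:
            i += 1  # unrecognised token, skip it
    return fields

def audit(context):
    """Return (role, finding) tuples; the password itself is never echoed."""
    findings = []
    for line in map(str.strip, context.splitlines()):
        if not re.match(r"ldap-server (primary|secondary) ", line):
            continue
        f = parse_ldap_server(line)
        if "passwd" in f and f.get("passwd-type") != "2":
            findings.append((f["role"], "bind password stored in cleartext"))
        for key, limit in MAX_LEN.items():
            if len(f.get(key, "")) > limit:
                findings.append((f["role"], f"{key} longer than {limit} characters"))
        timeout = f.get("net-timeout", "")
        if timeout and not (timeout.isdigit() and 1 <= int(timeout) <= 10):
            findings.append((f["role"], "net-timeout outside 1-10"))
    return findings
```

Run against the page's own example, audit(SAMPLE_CONTEXT) reports only the cleartext bind password, since every other value is within the documented limits.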