Creating an ldap scheme, Specifying the ldap authentication server, Displaying and maintaining ldap – H3C Technologies H3C S6300 Series Switches User Manual

Page 56: Configuring aaa methods for isp domains, Required.)

Step Command

Remarks

(Optional.) Specify the user
object class.

user-parameters user-object-class
object-class-name

By default, no user object is
specified, and the default user
object class on the LDAP server is

used.
The default user object class varies

by device.

Creating an LDAP scheme

You can configure a maximum of 16 LDAP schemes. An LDAP scheme can be used by multiple ISP
domains.
To create an LDAP scheme:

Step Command

Remarks

Enter system view.

system-view

N/A

Create an LDAP scheme
and enter LDAP scheme

view.

ldap scheme ldap-scheme-name

By default, no LDAP scheme is defined.

Specifying the LDAP authentication server

Step Command

Remarks

Enter system view.

system-view

N/A

Enter LDAP scheme view.

ldap scheme ldap-scheme-name N/A

Specify the LDAP
authentication server.

authentication-server server-name

By default, no LDAP authentication
server is specified.

Displaying and maintaining LDAP

Execute the display command in any view.

Task Command

Display the configuration of LDAP schemes.

display ldap scheme [ scheme-name ]

Configuring AAA methods for ISP domains

You configure AAA methods for an ISP domain by specifying configured AAA schemes in ISP domain

view. Each ISP domain has a set of system-defined AAA methods, which are local authentication, local

authorization, and local accounting. If you do not configure any AAA methods for an ISP domain, the
device uses the system-defined AAA methods for users in the domain.

This manual is related to the following products:

H3C S5820V2 Series Switches H3C S5830 Series Switches H3C S5830V2 Series Switches H3C S3600V2 Series Switches