beautypg.com

Specifying the ldap server type, Setting the ldap server timeout period, Configuring administrator attributes – H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 58: Configuring ldap user attributes

background image

44

Specifying the LDAP server type

The device supports LDAP servers by IBM, Microsoft, and Sun.
To specify the type of the LDAP server:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter LDAP scheme view.

ldap scheme ldap-scheme-name N/A

3.

Specify the LDAP server type. server-type { ibm | microsoft |

sun }

Optional.
The default setting is microsoft.

Setting the LDAP server timeout period

If the device sends a bind or search request to an LDAP server but receives no response from the server

within the LDAP server timeout period, the device considers that the authentication or authorization

request has timed out and tries the backup authentication or authorization method, if any. If no backup

method is configured, the device considers the authentication or authorization attempt fails.
To set the LDAP server timeout period:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter LDAP scheme view.

ldap scheme ldap-scheme-name N/A

3.

Set the LDAP server timeout
period.

server-timeout time-interval

Optional.
10 seconds by default

Configuring administrator attributes

To configure the administrator DN and password for binding with the LDAP server during LDAP

authentication:

Step Command

Remarks

1.

Enter system view.

system-view

N/A

2.

Enter LDAP scheme view.

ldap scheme ldap-scheme-name N/A

3.

Specify the administrator DN. login-dn dn-string

Not specified by default.

4.

Configure the administrator

password.

login-password [ ciper | simple ]
password

Not specified by default.

NOTE:

The administrator DN specified on the device must be consistent with that on the LDAP server.

Configuring LDAP user attributes

To authenticate a user, an LDAP client must establish a connection to the LDAP server, obtain the user DN,

and use the user DN and the user's password to bind with the LDAP server. According to the LDAP DN

search mechanism, an LDAP client sends search requests to the server based on a search policy that is

determined by the LDAP user attributes of the LDAP client.