RSA Security 6.1 manual Ldap Command Examples, Searching for Records

Page 102

LDAP Command Examples

This section explains how to use the LDAP commands ldapdelete, ldapmodify, and ldapsearch to configure the server. Each example describes the LDAP command line options in detail.

Note that a space must appear between each LDAP command option (for example, -p) and its value (for example, 354). Command syntax is case sensitive.

Searching for Records

You can use the ldapsearch command to dump information out of the LDAP tree. The following ldapsearch command dumps out information about all RADIUS clients.

ldapsearch -V 2 -p 354 -D "cn=oper,o=radius"

-w radadmin -s sub -T -b "radiusclass=Client,o=radius" radiusname=*

Table 17. Searching for Records Using the ldapsearch Command

ldapsearch Option

Meaning

 

 

-V 2

LDAP Version 2 is used to communicate with the

 

server.

 

 

 

NOTE: This option is not required, but

 

 

 

specifying it improves the performance of the

 

 

 

transaction.

 

 

 

 

 

 

-p 354

TCP port 354 is used to communicate with the LDAP

 

 

 

interface of the server.

 

 

 

NOTE: This option is not required, but

 

 

 

specifying it improves the performance of the

 

 

 

transaction.

 

 

 

 

 

 

-D "cn=oper,o=radius"

The command is authenticated using an

 

 

 

administrative account called oper.

 

 

 

NOTE: Any administrative account name may

 

 

 

be used in place of oper in this example.

 

 

 

o=radius may not be changed.

 

 

-w radadmin

The command is providing an authentication

 

 

 

password of radadmin.

 

 

 

NOTE: The -wparameter value (in this case,

 

 

 

radadmin) must match the passcode or cached

 

 

 

password of the account named by the -D

 

 

 

parameter.

90

Using the LDAP Configuration Interface

September 2005

Page 101 Page 103
Image 102
Page 101 Page 103
Contents RSA Radius Server 6.1 Administrator’s Guide Contact Information Trademarks Distribution Contents Chapter Installing the RSA Radius Server Chapter Administering Profiles Glossary Index About This Guide AudienceWhat’s In This Manual Syntax Conventions Vendor Information Related DocumentationRSA Radius Server Documentation Requests for Comments RFCsGetting Support and Service Third-Party ProductsBefore You Call for Customer Support RSA Radius Server Features About RSA Radius ServerRSA Radius Server Overview About RSA Radius Server SeptemberRSA Radius Authentication Radius Packets Radius Configuration Radius Server ConfigurationRadius Client Configuration Shared Secrets RadiusRadius Secret Replication SecretNode Secret Authentication Radius PortsAccounting Accounting Sequence Comma-Delimited Log FilesTunneled Accounting Vendor-Specific Attributes AttributesDictionaries Make/Model FieldChecklist Attributes Attribute ListsUpdating Attribute Information Attribute Values Return List AttributesMulti-Valued Attributes System Assigned Values Default ValuesOrderable Attributes Echo PropertyCentralized Configuration Management Replacing a Replica Radius Server Designating a New Primary Radius ServerRecovering a Replica After a Failed Download Changing the Name or IP Address of a ServerRequired Files Installing the RSA Radius ServerBefore You Begin Data Migration/RegistrationInstalling on Windows System RequirementsInstalling the RSA Radius Server If you are installing a Replica RSA Radius Server, clickUninstalling the RSA Radius Server Software Installing on Solaris Installer SyntaxPath Installing the RSA Radius Server Software ReppkgEnter RSA administration port Stopping and Starting the Radius Daemon Migration Log File Installing on Linux Linux Server System RequirementsShould be overwritten Installing the RSA Radius Server Software Enter RSA administration port Etc/init.d/sbrd stop # ./uninstallrsa.sh Using RSA Radius Administrator Running RSA Radius AdministratorNavigating in RSA Radius Administrator RSA Radius Administrator MenusFile Menu See , Administering Radius Clients on Panel MenuRSA Radius Administrator Toolbar Web MenuHelp Menu RSA Radius Administrator Windows Adding an EntryEditing an Entry Sample Add WindowCutting/Copying/Pasting Records Sample Edit WindowChanging Column Sequence Using Context MenusResizing Columns Sorting InformationAccessing Online Help Displaying Version InformationAdding a License Key Exiting the RSA Radius Administrator Add a License for Server WindowAdministering Radius Clients Radius Clients PanelAdding a Radius Client Add Radius Client WindowSecret to display the characters in the shared secret Verifying a Shared Secret Deleting a Radius ClientPage Administering Radius Clients September Administering Profiles Adding a Checklist or Return List Attribute for a ProfileAbout Profiles Default Profile Resolving Profile and User AttributesSetting Up Profiles Adding a ProfileClick Add to add this attribute/value pair to the list Removing a Profile Administering Profiles September Displaying Server Authentication Statistics Displaying StatisticsStatistics Panel System Authentication Statistics Radius client is sending incorrectly formed packets to Displaying Server Accounting Statistics Statistics Panel System Accounting StatisticsAccounting Statistic Meaning Resetting Server Statistics Displaying Radius Client StatisticsOptionally, sort the messages by clicking a column header Displaying Statistics September Administering Radius Servers Replication Panel Adding a Radius Server ManuallyAdd Server Window Enabling a Radius Server Deleting a Radius ServerPublishing Server Configuration Information Notifying Replica Radius ServersRecovering a Replica After a Failed Download Designating a New Primary Radius ServerChanging the Name or IP Address of a Server Regenerating a Node Secret Resetting the Radius Database Administering Radius Servers September Using the Radius System Log LoggingLogging Files Level of Logging Detail Controlling Log File SizeUsing the Accounting Log Accounting Log File FormatFirst Line Headings Comma PlaceholdersStandard Radius Accounting Attributes Acct-Status-TypeAcct-Input-Packets Ldap Configuration Interface File P e n d i x aAbout the Ldap Configuration Interface Ldap UtilitiesLdap Requests Downloading the Ldap UtilitiesConfiguring the Ldap TCP Port Ldap Version ComplianceLdap Virtual Schema Available AttributesLdap Schema Slide 2 Ldap Schema Slide 3 Cn=username,o=radius -w passcode cachedPW Unspecified or 0.0.0.0 RAS IP address When you display Ldap Command Examples Searching for RecordsModifying Records Ldapmodify Option MeaningWhere Adding Records Deleting Records Statistics Variables Counter StatisticsStattype server Stattype authentication Stattype accountingRate Statistics Using the Ldap Configuration Interface September Glossary AAADNS Tokencode Radius Servers TLS 104 Glossary September Index Tokencode
Top Page Image Contents