Brocade Communications Systems RFS4000, RFS6000, RFS7000 , ,

Brocade Mobility RFS4000, RFS6000 and RFS7000 CLI Reference Guide 575

53-1001931-01

Radius configuration commands 19

Parameters

Usage Guidelines

Use the login filter and group filter values (described in the example below) for all LDAP

configuration scenarios

Use the passwd parameter to enter the password for the active directory user mentioned in bind

-dn. This is used for the initial login to the active directory.

The passwd-attr and group-membership is retained as described in the following example:

ldap-server primary host

bind-dn

<distinguished-name>

base-dn

<distinguished-name>

passwd {<password>|

<password>|<password>}

passwd-attr

<password-attribute>

group-attr

<group-attribute>

group-filter

<group-filter>

group-membership <group>

net-timeout

<1-10>

Sets the primary LDAP server’s configuration

•host < IP> – Sets the LDAP server’s IP configuration

•<IP> – Defines the LDAP server IP address

•port <number> – Enter the TCP/IP port number for the

LDAP server acting as the data source

•login <user-name> – Use the following as the login:

(sAMAccountName=%{Stripped-User-N

ame:-%{User-Name}})

•bind-dn <distinguished-name> – Specifies the

distinguished name to bind with the LDAP server

•base-dn <distinguished-name> – Specifies a

distinguished name that establishes the base object for

the search. The base object is the point in the LDAP tree

at which to start searching.

•passwd {<password>|<password>|<password>} –

Sets a valid password for the LDAP server

•passwd-attr <password-attribute> – Enter the password

attribute used by the LDAP server for authentication

•group-attr <group-attribute> – Specifies the group

attribute used by the LDAP server

•group-filter <group-filter> – Specifies the group filters

used by the LDAP server

•group-membership <group> – Specifies the Group

Member Attribute sent to the LDAP server when

authenticating users

•net-timeout<1-10> – Enter a timeout the system uses

to terminate the connection to the RADIUS Server if no

activity is detected

ldap-server secondary host

<IP> port <1-65535> login

<user-name> bind-dn

<distinguished-name>

base-dn

<distinguished-name>

passwd

{<password>|<password>|

<password>}

passwd-attr

<password-attribute>

group-attr <group-attribute>

group-filter <group-filter>

group-membership <group>

net-timeout

<1-10>

Defines the secondary LDAP server’s configuration.