setldap(8)
System Administration 217
NAME setldap - configure the Service Processor as a Lightweight Directory Access Protocol
(LDAP) client
SYNOPSIS setldap {-b bind} {-B baseDN} {-c certchain} {-p } {-s servers} {-t user} -T
timeout
setldap -h
DESCRIPTION setldap(8) allows you to configure the Service Processor as an LDAP client.
Note – The LDAP client supports passwords only in the CRYPT format; UNIX
Crypt or MD5. Therefore the passwords on the LDAP server must support it as
well. Refer to the Administration Guide for more information. Also note that an XSCF
user account user name cannot match an LDAP user name, and an XSCF user
account (UID) number cannot match an LDAP UID number.
Privileges You m ust h ave useradm privileges to run this command.
Refer to setprivileges(8) for more information.
OPTIONS The following options are supported:
-B baseDN Specifies distinguished name for the search base. Maximum
character length is 128 characters.
-b bind Sets the identity to use when binding to the LDAP server.
Maximum character length is 128 characters
-c certchain Imports an LDAP server certificate chain from the remote file
specified in certchain. The certificate chain must be in PEM
format. Remote files are specified using the standard scp
syntax, that is, [user@]host:file., and imported using scp.
If the copy requires a user password you will be prompted for
it. Use of this option implicitly enables the use of Transport
Layer Security (TLS) when connecting to LDAP. This may be
disabled by specifying certchain as none. The certificate chain
must be 64 Kbytes in size or less, and it must be valid or it will
be rejected.
-h Displays usage statement.
When used with other options or operands, an error occurs.
-p Sets a password to use when binding to the LDAP server. You
will be prompted for the password.