setldapssl(8)
System Administration 223
group administrator Assign group name for up to five specified administrator
groups. The administrator group has platadm, useradm,
and auditadm privileges and you cannot change that.
group operator Assign group name for up to five specified operator
groups. The operator group has platop and auditop
privileges and you cannot change that.
group custom Assign group name and privileges for up to five groups.
userdomain Configure the user domain. See EXAMPLE 6, below, for
important information.
defaultrole Configure default privileges. If defaultrole is configured,
users have privileges as specified by defaultrole after
authentication; user group membership is not checked. If
defaultrole is not configured, users’ privileges will be
learned from the LDAP/SSL server based on group
membership.
timeout Configure transaction timeout, in seconds. seconds can be
1 to 20. The default is 4. If the specified timeout is too
brief for the configuration, the login process or retrieval
of user privilege settings could fail.
server Configure the primary and up to five alternate LDAP/
SSL servers. To use a host name, DNS must be enabled.
An IP address can be specified with port number;
otherwise, the default port is used.