Setting the search bind Distinguished Name (DN)

The Set LDAP BindDN command is used to set the fully-qualified distinguished name (FQDN) for user accounts to bind with. This is required for directory services that do not support anonymous binds. This field is used ONLY with Simple Binds.

Maximum string length is 124 characters.

NOTE: If left blank, then an anonymous bind will be attempted. This field is used ONLY with Simple binds.

To set the search bind DN:

At the Sentry: prompt, type set ldap binddn, and press Enter. At the following prompt, type the FQDN and press Enter.

Example

The following sets the FQDN for MSAD to ‘cn=guest,cn=Users,dc=servertech,dc=com’:

Sentry: set ldap binddn<Enter>

Enter Search Bind DN (Max characters 124): cn=guest,cn=Users,dc=servertech,dc=com<Enter>

Setting the search bind Distinguished Name (DN) password

The Set LDAP BindPW command is used to set the password for the user account specified in the Search Bind DN.

Maximum password size is 20 characters.

To set the search bind DN password:

At the Sentry: prompt, type set ldap bindpw and press Enter. At the following prompt, type the bind password and press Enter.

Setting the group membership attribute

The Set LDAP GroupAttr command is used to specify the name of the user class attribute that lists the distinguished names (DNs), or the names, of the groups that a user is a member of. Maximum string length is 30 characters.

To set Group Membership Attribute:

At the Sentry: prompt, type set ldap groupattr and press Enter. At the following prompt, type the group membership attribute and press Enter.

Example

The following sets the group membership attribute for MSAD to ‘memberof’:

Sentry: set ldap groupattr<Enter>

Enter Group Member Attr (Max character 30): memberof<Enter>

Setting the group membership value type

The Set LDAP GroupType command is used to specify whether the values of Group Membership Attribute represent the Distinguished Name (DN) of a group or just the name of the group.

To set group membership value type:

At the Sentry: prompt, type set ldap grouptype followed by DN or Name and press Enter.

Example

The following sets the group membership value type to DN:

Sentry: set ldap grouptype DN<Enter>
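
The following pre-flight check is an added example, not part of the Sentry manual or firmware. It validates the four values against the limits stated above before they are typed at the Sentry: prompt, and works out whether grouptype should be DN or Name from sample group attribute values. The function names, the PowerAdmins and Ops groups, and the simplified DN shape check are assumptions made for illustration.

```python
import re

# Limits taken from the manual text above.
MAX_BINDDN, MAX_BINDPW, MAX_GROUPATTR = 124, 20, 30

# One DN component such as "cn=guest"; a backslash-escaped comma stays in the value.
# Simplified shape check (assumption), not a full RFC 4514 parser.
_RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=(?:\\.|[^,\\])+$")

def looks_like_dn(value):
    """True if value splits on unescaped commas into attr=value components."""
    parts = re.split(r"(?<!\\),", value.strip())
    return all(_RDN.match(p.strip()) for p in parts)

def group_type_for(values):
    """Return 'DN' or 'Name' for sample group attribute values."""
    kinds = {"DN" if looks_like_dn(v) else "Name" for v in values}
    if len(kinds) != 1:
        raise ValueError("sample values are empty or mix DNs and plain names")
    return kinds.pop()

def preflight(binddn, bindpw, groupattr, sample_values):
    """Return (findings, grouptype) for the values to be entered on the device."""
    findings = []
    if not binddn:
        findings.append("binddn is blank: an anonymous bind will be attempted")
    elif len(binddn) > MAX_BINDDN:
        findings.append(f"binddn is {len(binddn)} characters, limit is {MAX_BINDDN}")
    elif not looks_like_dn(binddn):
        findings.append("binddn is not written as a distinguished name")
    if binddn and not bindpw:
        findings.append("bindpw is blank although binddn is set")
    if len(bindpw) > MAX_BINDPW:
        findings.append(f"bindpw is {len(bindpw)} characters, limit is {MAX_BINDPW}")
    if not 1 <= len(groupattr) <= MAX_GROUPATTR:
        findings.append(f"groupattr must be 1 to {MAX_GROUPATTR} characters")
    return findings, group_type_for(sample_values)

# Constructed sample: memberof values as a directory might return them for one user.
SAMPLE_MEMBEROF = [
    "cn=PowerAdmins,cn=Users,dc=servertech,dc=com",
    r"cn=Ops\, East,cn=Users,dc=servertech,dc=com",
]

if __name__ == "__main__":
    # "example-pass" is a constructed placeholder password.
    print(preflight("cn=guest,cn=Users,dc=servertech,dc=com", "example-pass",
                    "memberof", SAMPLE_MEMBEROF))
```

An empty findings list with a grouptype of DN corresponds to the MSAD examples above; a directory that returns plain group names in the attribute yields Name instead.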

Sentry PT22 Installation and Operations Manual, Advanced Operations