Chapter 28 AAA Server

Table 111 aaa group server ldap Commands (continued)

COMMAND

DESCRIPTION

[no] server binddn binddn

Sets the user name the NXC uses to log into the LDAP

 

server group. The no command clears this setting.

[no] server cn-identifier uid

Sets the unique common name (cn) to identify a

 

record. The no command clears this setting.

[no] server description

Sets the descriptive information for the LDAP server

description

group. You can use up to 60 printable ASCII

 

characters. The no command clears this setting.

[no] server group-attribute

Sets the name of the attribute that the NXC is to check

group-attribute

to determine to which group a user belongs. The value

 

for this attribute is called a group identifier; it

 

determines to which group a user belongs. You can

 

add ext-group-user user objects to identify groups

 

based on these group identifier values.

 

For example you could have an attribute named

 

“memberOf” with values like “sales”, “RD”, and

 

“management”. Then you could also create an ext-

 

group-user user object for each group. One with

 

“sales” as the group identifier, another for “RD” and a

 

third for “management”. The no command clears the

 

setting.

[no] server host ldap_server

Enter the IP address (in dotted decimal notation) or the

 

domain name of an LDAP server to add to this group.

 

The no command clears this setting.

[no] server password password

Sets the bind password (up to 15 characters). The no

 

command clears this setting.

[no] server port port_no

Sets the LDAP port number. Enter a number between

 

1 and 65535. The default is 389. The no command

 

clears this setting.

[no] server search-time-limit

Sets the search timeout period (in seconds). Enter a

time

number between 1 and 300. The no command clears

 

this setting and set this to the default setting of 5

 

seconds.

 

 

[no] server ssl

Enables the NXC to establish a secure connection to

 

the LDAP server. The no command disables this

 

feature.

28.2.3 aaa group server radius Commands

The following table lists the aaa group server radius commands you use to configure a group of RADIUS servers.

Table 112 aaa group server radius Commands

COMMAND

DESCRIPTION

clear aaa group server radius

Deletes all RADIUS server groups or the specified

group-name

RADIUS server group.

 

Note: You can NOT delete a server group

 

that is currently in use.

 

 

show aaa group server radius

Displays the specified RADIUS server group settings.

group-name

 

190

 

NXC CLI Reference Guide