Chapter 30 AAA Server

 

 

Table 151 aaa group server ldap Commands (continued)

| COMMAND | DESCRIPTION |
| --- | --- |
| [no] case-sensitive | Specify whether or not the server checks the username case. Set this to be the same as the server’s behavior. |
| [no] server alternative-cn-identifier uid | Sets the second type of identifier that the users can use to log in, if any. For example, “name” or “e-mail address”. The no command clears this setting. |
| [no] server basedn basedn | Sets the base DN to point to the LDAP directory on the LDAP server group. The no command clears this setting. |
| [no] server binddn binddn | Sets the user name the ZyWALL uses to log into the LDAP server group. The no command clears this setting. |
| [no] server cn-identifier uid | Sets the user name the ZyWALL uses to log into the LDAP server group. The no command clears this setting. |
| [no] server description description | Sets the descriptive information for the LDAP server group. You can use up to 60 printable ASCII characters. The no command clears this setting. |
| [no] server group-attribute group-attribute | Sets the name of the attribute that the ZyWALL is to check to determine to which group a user belongs. The value for this attribute is called a group identifier; it determines to which group a user belongs. You can add ext-group-user user objects to identify groups based on these group identifier values. For example, you could have an attribute named “memberOf” with values like “sales”, “RD”, and “management”. Then you could also create an ext-group-user user object for each group: one with “sales” as the group identifier, another for “RD” and a third for “management”. The no command clears the setting. |
| [no] server host ldap_server | Enter the IP address (in dotted decimal notation) or the domain name of an LDAP server to add to this group. The no command clears this setting. |
| [no] server password password | Sets the bind password (up to 15 characters). The no command clears this setting. |
| [no] server port port_no | Sets the LDAP port number. Enter a number between 1 and 65535. The default is 389. The no command clears this setting. |
| [no] server search-time-limit time | Sets the search timeout period (in seconds). Enter a number between 1 and 300. The no command clears this setting and sets it to the default setting of 5 seconds. |
| [no] server ssl | Enables the ZyWALL to establish a secure connection to the LDAP server. The no command disables this feature. |
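An added example, not part of the ZyWALL guide: a Python check that reads LDAP server group settings and flags groups without "server ssl" along with values outside the limits stated in Table 151. The configuration layout (a group header line followed by indented sub-commands), the "aaa group server ldap group-name" header (assumed by analogy with the RADIUS command in Table 152) and all sample values are constructed assumptions.

```python
# Constructed sample, not from the guide; the indented layout is an assumption.
SAMPLE = """\
aaa group server ldap branch-ldap
 server host 192.0.2.10
 server password ThisPasswordIsTooLong
 server search-time-limit 600
aaa group server ldap hq-ldap
 server host ldap.example.com
 server port 636
 server password Sh0rtEnough
 server ssl
"""
HEADER = "aaa group server ldap "  # assumed, by analogy with Table 152

def parse_ldap_groups(text):
    """Map each LDAP group name to its {sub-command: value} settings."""
    groups, current = {}, None
    for raw in text.splitlines():
        if raw.startswith(HEADER):
            current = groups.setdefault(raw[len(HEADER):].strip(), {})
        elif not raw[:1].isspace():
            current = None  # any other top-level line ends the group block
        elif current is not None and raw.strip():
            words = raw.split()
            negated = words[0] == "no"
            words = words[1:] if negated else words
            words = words[1:] if words[:1] == ["server"] else words
            if words and negated:
                current.pop(words[0], None)  # "no" form clears the setting
            elif words:
                current[words[0]] = " ".join(words[1:])
    return groups

def in_range(value, low, high):
    return value.isdigit() and low <= int(value) <= high

def audit(groups):
    """Return (group, finding) pairs using the limits stated in Table 151."""
    findings = []
    for name, s in groups.items():
        if "ssl" not in s:
            findings.append((name, "server ssl not enabled"))
        if len(s.get("password", "")) > 15:
            findings.append((name, "password longer than 15 characters"))
        if not in_range(s.get("port", "389"), 1, 65535):
            findings.append((name, "port outside 1-65535"))
        if not in_range(s.get("search-time-limit", "5"), 1, 300):
            findings.append((name, "search-time-limit outside 1-300"))
    return findings
```

Calling audit(parse_ldap_groups(SAMPLE)) reports three findings for branch-ldap and none for hq-ldap.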

30.2.7 aaa group server radius Commands

The following table lists the aaa group server radius commands you use to configure a group of RADIUS servers.

Table 152 aaa group server radius Commands

| COMMAND | DESCRIPTION |
| --- | --- |
| clear aaa group server radius group-name | Deletes all RADIUS server groups or the specified RADIUS server group. Note: You can NOT delete a server group that is currently in use. |
| show aaa group server radius group-name | Displays the specified RADIUS server group settings. |
| [no] aaa group server radius group-name | Sets a descriptive name for the RADIUS server group. The no command deletes the specified server group. |
| aaa group server radius rename {group-name-old} group-name-new | Sets the server group name. |

 


ZyWALL (ZLD) CLI Reference Guide