DO NOT SHARE THESE DOCS WITH CUSTOMERS!
This is an LA release that will only be provided to a select number of PLM-sanctioned customers (PDFs only). Contact PLM for details.
Use this parameter to configure the information the SBC needs to communicate with one or more LDAP servers.
% set oam ldapAuthentication ldapServer <serverName> binddn <name> bindMethod <sasl|simple> groupNameAttribute <groupName, or empty string> ldapServerAddress <IPv4/IPv6 address> ldapServerPort <valid port> priority <1-3> saslMechanism <plain> searchbase <base> state <disabled|enabled> transport <ldaps|tcp|tls>
set oam ldapAuthentication ldapServer ldap1 priority 1 transport tls binddn "ou=people,dc=example,dc=com" searchbase "dc=example,dc=com" ldapServerAddress 169.172.201.153 state enabled
Use this parameter to configure a set of filters against predefined or custom groups to determine if the specified user is a member of those groups. Each filter is accessed in the order specified in the LDAP Filters table. If a filter returns at least one record, then the user is considered part of that group, and that group name is used.
% set oam ldapAuthentication ldapFilters filter <LDAP filter string> groupName <name of the CLI group used to log in to the CLI> order <integer>
set oam ldapAuthentication ldapFilters order 1 groupName Administrator filter (&(uid=%%USERNAME%%)(accessLevel:=userAccessLevel1))
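The ordered, first-match evaluation described above can be modelled offline to check a planned LDAP Filters table before it is configured. The following Python model is an added example, not SBC code: the directory records, the second filter row and the `Operator` group name are constructed, and `:=` is treated as plain equality.

```python
import re

# Constructed sample data: directory records and an LDAP Filters table.
# Attribute names mirror the page's example; the users, the second
# filter row and the "Operator" group name are made up for illustration.
DIRECTORY = [
    {"uid": "alice", "accessLevel": "userAccessLevel1"},
    {"uid": "bob", "accessLevel": "userAccessLevel2"},
    {"uid": "carol"},
]
FILTERS = [
    {"order": 2, "groupName": "Operator", "filter": "(uid=%%USERNAME%%)"},
    {"order": 1, "groupName": "Administrator",
     "filter": "(&(uid=%%USERNAME%%)(accessLevel:=userAccessLevel1))"},
]
LEAF = re.compile(r"\(([A-Za-z][\w-]*):?=([^()]*)\)")

def matches(record, ldap_filter):
    """Evaluate a filter made only of equality terms, optionally AND-ed.

    Assumption of this model: ':=' (extensible match with no rule) is
    treated as plain, case-insensitive equality.
    """
    if re.search(r"\((\||!)", ldap_filter):
        raise ValueError("only '&' and equality terms are modelled here")
    terms = LEAF.findall(ldap_filter)
    if not terms:
        raise ValueError("no equality terms found: %r" % ldap_filter)
    return all(attr in record
               and str(record[attr]).lower() == value.strip().lower()
               for attr, value in terms)

def resolve_group(username, directory=DIRECTORY, filters=FILTERS):
    """Return the groupName of the first filter (by order) with >= 1 hit."""
    for row in sorted(filters, key=lambda r: r["order"]):
        query = row["filter"].replace("%%USERNAME%%", username)
        if any(matches(rec, query) for rec in directory):
            return row["groupName"]
    return None  # no filter returned a record: no group in this model

if __name__ == "__main__":
    for user in ("alice", "bob", "carol", "mallory"):
        print(user, "->", resolve_group(user))
```

Because the first filter that returns a record decides the group, a broad filter placed ahead of a narrower one hides the narrower one; swapping the two `order` values in the constructed table assigns `alice` to `Operator` instead of `Administrator`.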
Use this parameter to configure the LDAP Server Retry criteria settings.
% set oam ldapAuthentication retryCriteria retryTimer <500-45000> retryCount <1-3> oosDuration <0-300>
set oam ldapAuthentication retryCriteria retryTimer 1000 retryCount 3 oosDuration 60
An LDAP server is marked "unavailable" when the SBC cannot reach it. Use this command to re-enable the LDAP server, which will set the status back to "available".
% request oam ldapAuthentication ldapServer <servername> reEnableServer
request oam ldapAuthentication ldapServer ldapServer1 reEnableServer