On the SBC main screen, go to All > OAM > Ldap Authentication > Ldap Server.
View LDAP Server Settings
Use the Ldap Server screen to view LDAP server settings.
Figure 1: LDAP Server List
Create LDAP Server
Use the Create New Ldap Server screen to create an LDAP server.
Figure 2: Create New LDAP Server Screen
Re-enable LDAP Server
Use the Ldap Server Commands screen to re-enable the LDAP server.
Figure 3: LDAP Server Commands Screen
Table 1: Re-enable Server Parameters
Parameter | Description |
---|---|
Ldap Server | The name of the LDAP server. |
Re Enable Server | An LDAP server is marked "unavailable" when the SBC cannot reach it. Use this action to re-enable an LDAP server, which then sets the status back to "available". |
LDAP Server Parameters
The following table describes the LDAP Server Parameters. Use the table to edit the LDAP server settings as needed and click Save.
Table 2: LDAP Server Parameters
Parameter | Length/Range | Description | Mandatory (M) |
---|---|---|---|
Server Name | Up to 23 characters | The name of the LDAP server. | M |
Priority | 1-25 | The server priority, where '1' is the highest priority. | M |
State | N/A | The state of this LDAP server. | O |
Bind Method | N/A | Specify the Bind Method to use. | O |
Sasl Mechanism | N/A | The SASL mechanism to use. | O |
Transport | N/A | The transport type to use. | O |
Binddn | String | The distinguished name to use for the bind operation (only used for simple binds). In the following example, the SBC replaces the " " (i.e., " | M, if bind Method = simple |
Searchbase | String | This parameter specifies the location where the user records are located, and serves as the base for the LDAP query. | M |
Ldap Server Address | String in IPv4, IPv6 or FQDN format | The IPv4 address, IPv6 address or FQDN of the server as a hostname. The supported formats are: When using digest-md5 with sasl mode, | M |
Ldap Server Port | 1-65535 | The LDAP server port. The default value is 389. NOTE: If transport = Ldaps, specify port 636. | O |
Group Name Attribute | String | Use this parameter to define the group name attribute. | O |
Return Attribute* | 1-255 | The attribute returned from the search for the group name of the LDAP user. For example, in the above query, if cn is specified as the return attribute, then the returned attribute will be: | O |
Search Filter* | 1-255 characters | The LDAP filter used to search for the group name of the LDAP user. Use {0} in the search filter as the placeholder for the user. For example: (&(objectClass=group)(member=cn={0},CN=Users,DC=example,DC=tst)) | O |
System Password* | String | The password for the LDAP user with Administrative privileges (systemUser). Leave blank if the systemUsername is not specified. | O |
System Username* | 1-255 characters | An LDAP user with Administrative privileges. Leave blank, or enter a user name. Ensure the username field is ONLY the username (jsmith) and not the DistinguishedName (DN), such as CN=jsmith,CN=Users,DC=rbbn,DC=com. Note If The | O |
* To use this feature, you must set "Ldap Configuration Mode" to "Advanced".
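The following added example (not SBC or Ribbon code) previews the filter a directory should receive when a user name replaces {0} in a Search Filter, so the filter can be tested against the directory before it is saved. It escapes the user name per RFC 4515, and per RFC 4514 when {0} sits inside a DN as in the Table 2 example; the function names and the DN-detection heuristic are assumptions, and this page does not describe how the SBC itself escapes the value.

```python
import re

# RFC 4515: characters that must be written as \XX inside a filter value.
FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
# RFC 4514: characters that must be backslash-escaped inside a DN attribute value.
DN_SPECIALS = ',+"\\<>;='
# Heuristic (assumption): {0} is part of a DN when it follows "=<attr>=", as in member=cn={0},...
DN_CONTEXT = re.compile(r"=\s*[A-Za-z][\w-]*=\{0\}")


def escape_dn_value(value: str) -> str:
    """Escape a string for use as an attribute value inside a DN."""
    out = "".join("\\" + ch if ch in DN_SPECIALS else ch for ch in value)
    if out.startswith(("#", " ")):
        out = "\\" + out
    if len(value) > 1 and value.endswith(" "):
        out = out[:-1] + "\\ "
    return out


def escape_filter_value(value: str) -> str:
    """Escape a string for use as an assertion value inside a search filter."""
    return "".join(FILTER_ESCAPES.get(ch, ch) for ch in value)


def expand_search_filter(template: str, username: str) -> str:
    """Return the filter that results from substituting username for {0}."""
    if not 1 <= len(template) <= 255:
        raise ValueError("Search Filter must be 1-255 characters")
    if "{0}" not in template:
        raise ValueError("Search Filter has no {0} placeholder for the user")
    if template.count("(") != template.count(")"):
        raise ValueError("Search Filter has unbalanced parentheses")
    value = escape_dn_value(username) if DN_CONTEXT.search(template) else username
    return template.replace("{0}", escape_filter_value(value))


if __name__ == "__main__":
    # The example filter from Table 2; the user names are constructed samples.
    page_filter = "(&(objectClass=group)(member=cn={0},CN=Users,DC=example,DC=tst))"
    for user in ("jsmith", "Smith, J (ops)"):
        print(expand_search_filter(page_filter, user))
```

A user name containing a comma or parentheses changes the filter's structure unless it is escaped, so test the filter with such a name as well as a plain one.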