Configure Client Role LDAP Settings

About this task

To configure a wireless client's role policy and matching criteria:

Procedure

  1. Go to Configuration → Security → Wireless Client Roles.
    The Wireless Client Roles screen lists the names of the client role policies created so far.
    Wireless Client Roles Screen
  2. Select Add to create a new Wireless Client Role policy, Edit to modify an existing policy or Delete to remove a policy.

    The LDAP Settings tab displays by default.

    Wireless Client Roles - Add/Edit - LDAP Settings Tab
  3. In the Configuration section, define the following LDAP server parameters:
    LDAP Query: If LDAP attributes are enabled for the selected wireless client role policy, select an LDAP query mode of either Internal (Self) or Through Wireless Controller. Select Internal (Self) to use local LDAP server resources configured in the LDAP Server Options.
    Dead Period: When using an external LDAP server, select a Dead Period between 60 and 300 seconds. The Dead Period is the timeout value before the system attempts to rebind with the LDAP server.
    Timeout: When using an external LDAP server, select a Timeout value to specify how long the system waits between a request and its response before LDAP bind and query operations time out.
  4. In the LDAP Server Options section, use the + Add Row button to add an LDAP server to the list or double-click on an existing LDAP server entry to edit it.
    When adding or editing the LDAP server options, define the following parameters:
    ServerId: Enter the LDAP server ID as either 1 or 2.
    Host: Enter the LDAP server's fully qualified domain name or IP address.
    Bind DN: Enter the LDAP server's bind distinguished name.
    Base DN: Enter the LDAP server's base distinguished name.
    Bind Password: Enter the password used for the bind. Click the Show button to display the password.
    Port: Enter the LDAP server port number. To select from a list of frequently used services and their corresponding port numbers, use the drop-down menu and select a service.