A role policy also enables LDAP service, allowing controllers and access points to retrieve user information from the LDAP server. This information is matched with the user-defined role filters to determine if a client matches the role or not, and should be allowed or denied access to the controller managed network.
Use the (config-role-policy) instance to configure role policy related configuration commands. To navigate to the config-role instance, use the following commands:
<DEVICE>(config)#role-policy <POLICY-NAME>
nx9500-6C8809(config)#role-policy test nx9500-6C8809(config-role-policy-test)#? Role Policy Mode commands: default-role Configuration for Wireless Clients not matching any role ldap-deadperiod Ldap dead period interval ldap-query Set the ldap query mode ldap-server Add a ldap server ldap-timeout Ldap query timeout interval no Negate a command or set its defaults user-role Create a role clrscr Clears the display screen commit Commit all changes made in this session do Run commands from Exec mode end End current mode and change to EXEC mode exit End current mode and down to previous mode help Description of the interactive help system revert Revert changes service Service Commands show Show running system information write Write running configuration to memory or terminal nx9500-6C8809(config-role-policy-test)#