configure ldap domain bind-user

configure ldap {domain [domain_name |all]} bind-user [user_name {encrypted encrypted_password} | password | anonymous]

Description

Configures the LDAP client credentials required for the switch to access an LDAP server.

Syntax Description

domain_name

Specifies the LDAP domain for which this bind-user is to be configured.

user_name

Specifies the user name for LDAP server access.

encrypted

Indicates that the specified password is encrypted.

password

Specifies the user password for LDAP server access.

Note:

To support Digest RSA Data Security, Inc. MD5 Message-Digest Algorithm over SASL, the password must be stored using ‘reverse encryption.‘

anonymous

Specifies user anonymous for LDAP server access.

Default

If no domain is specified, the bind-user is configured for the default domain.

Usage Guidelines

The bind-user is an LDAP user who has read access to user information in the LDAP directory.

On many newer directory servers "anonymous" access is disabled. You may also find that though the LDAP bind succeeds, the anonymous user might be denied read access to user information.

Example

The following command configures the LDAP bind user as jsmith with password Extreme for the domain sales.XYZCorp.com:

* Switch.14 # configure ldap domain sales.XYZCorp.com bind-user jsmith password Extreme

History

This command was first available in ExtremeXOS 12.5.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, X670-G2, X690, X695, X870, 5320, 5420, and 5520 series switches.