configure ldap domain bind-user

configure ldap {domain [domain_name |all]} bind-user [user_name {encrypted encrypted_password} | password | anonymous]


Configures the LDAP client credentials required for the switch to access an LDAP server.

Syntax Description


Specifies the LDAP domain for which this bind-user is to be configured.


Specifies the user name for LDAP server access.


Indicates that the specified password is encrypted.


Specifies the user password for LDAP server access.


To support Digest RSA Data Security, Inc. MD5 Message-Digest Algorithm over SASL, the password must be stored using ‘reverse encryption.‘


Specifies user anonymous for LDAP server access.


If no domain is specified, the bind-user is configured for the default domain.

Usage Guidelines

The bind-user is an LDAP user who has read access to user information in the LDAP directory.

On many newer directory servers "anonymous" access is disabled. You may also find that though the LDAP bind succeeds, the anonymous user might be denied read access to user information.


The following command configures the LDAP bind user as jsmith with password Extreme for the domain

* Switch.14 # configure ldap domain bind-user jsmith password Extreme


This command was first available in ExtremeXOS 12.5.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, X670-G2, X690, X695, X870, 5320, 5420, and 5520 series switches.