Example for Configuring LDAP
Networking Requirements
Users are connected to the Internet through the switch. Users configure the LDAP function on the switch to accomplish authentication and authorization through LDAP server 1 and LDAP server 2.
LDAP Server 1: the device is used to manage user accounts and passwords.
LDAP Server 2: the device is used to store email, groups, contact information.
Switch A connects to the LDAP server by the corresponding interface.
NOTE:
Complete the setup and configuration of the network environment according to the network environment and confirm that the network is reachable.
Figure 1. LDAP Configuration Example
Procedure
Step 1 Enable LDAP function on Switch A.
admin@SwitchA# set system aaa ldap disable false
Step 2 Configure the command-level, permit command and group-name.
admin@SwitchA# set system aaa ldap command-level 1 permit "set vlans"
admin@SwitchA# set system aaa ldap command-level 1 permit “set protocols”
admin@SwitchA# set system aaa ldap group jump-arlington command-level 1
admin@SwitchA# set system aaa ldap group group1 command-level 1
Step 3 Configure LDAP server IP.
admin@SwitchA# set system aaa ldap server-ip 10.36.15.233
admin@SwitchA# set system aaa ldap server-ip 10.36.15.6
Step 4 Configure the shared secret text string used between the router and an LDAP server.
Step 5 Specify the distinguished name (DN) as search base.
Step 6 Configure LDAP connection timeout.
Step 7 Configure LDAP search filter to be used in search requests.
Verifying the Configuration
The command run show ldap can be used to check the configuration information on Switch A.
Copyright © 2024 Pica8 Inc. All Rights Reserved.