HP Comware 5 Debug Manual Vol 1

Table 16 describes output fields and messages for the debugging aaa-ldap event command.
Table 16 Output for the debugging aaa-ldap event command

Field                            Description
-------------------------------  ----------------------------------------------------
user                             Authentication/authorization user name.
user id                          User ID assigned by AAA.
scheme name                      LDAP scheme name.
session id                       LDAP session ID.
Sent response message to AAA     Failure reason:
(user id=user-id,                  68: Connection with the LDAP server failed.
operation-result).                 69: No response is from the LDAP server.
                                   70: Failed to send request to the LDAP server.
                                   71: The number of LDAP sessions reaches the maximum.
                                   72: The authentication information is invalid.
                                   73: The access method is not supported.
                                   74: Failed to bind the administrator DN.
                                   75: The user does not belong to any user group.
Message response timer expired   When the device established a connection with or
                                 sent a request to the LDAP server, the message
                                 response timer expired.
server ip                        IP address of the LDAP server.
server port                      TCP port number of the LDAP server.
login name                       Administrator DN configured in the LDAP scheme.
search scope                     Search scope:
                                   1: Next lower level of subdirectory of base-dn.
                                   2: All subdirectories of base-dn.
filter                           Filter criteria.

Examples
The output in the following examples was created when a Telnet user logged into and out of the device under the following conditions:
• The host of the Telnet user is connected to the device through the console port.
• The device uses an LDAP authentication/authorization scheme for Telnet users.
# Enable LDAP event debugging.
<Sysname> debugging aaa-ldap event
*Dec 26 17:30:28:31 2007 Sysname ALDP/7/EVENT: Received authentication request from AAA (user=xyz@aaa, user id=2, scheme name=scheme1).
*Dec 26 17:30:28:47 2007 Sysname ALDP/7/EVENT: Created a session successfully (session id=5).
// LDAP received an authentication request and created a session.
*Dec 26 17:30:28:47 2007 Sysname ALDP/7/EVENT: Connecting with LDAP server (session id=5, server ip=192.168.6.2, server port=389).
// LDAP was establishing a connection with the LDAP server.
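For log review, the debug messages above can be turned into structured records. The following Python parser is an added example, not part of the HP manual: it rejoins wrapped lines, skips the manual's "//" annotations, and extracts the parenthesised fields from Table 16. The names parse_events and by_session are hypothetical, and the parser assumes field values contain no commas or parentheses, which may not hold for the filter field.

```python
import re

# Sample input: the three debug messages printed on this page, with the
# manual's line wrapping and "//" annotations kept as they appear.
SAMPLE = """\
*Dec 26 17:30:28:31 2007 Sysname ALDP/7/EVENT: Received authentication request from AAA
(user=xyz@aaa, user id=2, scheme name=scheme1).
*Dec 26 17:30:28:47 2007 Sysname ALDP/7/EVENT: Created a session successfully (session
id=5).
// LDAP received an authentication request and created a session.
*Dec 26 17:30:28:47 2007 Sysname ALDP/7/EVENT: Connecting with LDAP server (session id=5,
server ip=192.168.6.2, server port=389).
// LDAP was establishing a connection with the LDAP server.
"""

HEADER = re.compile(r"^\*(?P<time>\w{3} +\d+ [\d:]+ \d{4}) (?P<host>\S+) "
                    r"ALDP/7/EVENT: (?P<body>.*)$")
FIELDS = re.compile(r"\(([^()]*)\)\.?\s*$")   # trailing "(k=v, k=v)."


def parse_events(text):
    """Return one dict per event, rejoining wrapped continuation lines."""
    events = []
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith("//"):   # skip the manual's annotations
            continue
        m = HEADER.match(line)
        if m:
            events.append(m.groupdict())
        elif events:                            # wrapped tail of previous message
            events[-1]["body"] += " " + line
    for ev in events:
        m = FIELDS.search(ev["body"])
        pairs = m.group(1).split(",") if m else []
        ev["message"] = (ev["body"][:m.start()] if m else ev["body"]).strip()
        # Keys contain spaces ("user id"), so split on "," then on the first "=".
        ev["fields"] = {k.strip(): v.strip()
                        for k, sep, v in (p.partition("=") for p in pairs) if sep}
    return events


def by_session(events):
    """Group event messages by their "session id" field."""
    sessions = {}
    for ev in events:
        sid = ev["fields"].get("session id")
        if sid is not None:
            sessions.setdefault(sid, []).append(ev["message"])
    return sessions
```

Tokens without an "=" sign, such as the operation-result in the "Sent response message to AAA" message, are left in the body text and not added to the fields dictionary.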