User Guide
Chapter 6 Configuring authentication 253
Nortel Secure Network Access Switch 4050 User Guide
The LDAP menu displays.
The LDAP menu includes the following options:
/cfg/domain 1/aaa/auth #/ldap
followed by:
servers Accesses the LDAP servers menu, in order to manage
the external LDAP servers configured for the domain
(see “Managing LDAP authentication servers using the
CLI” on page 256).
searchbase <DN> Specifies the Distinguished Name (DN) that points to
one of the following:
1. the entry that is one level up from the user entries
For example, if the searchbase value is set to:
ou=People,dc=bluetail,dc=com
authentication will be performed against a DN that
corresponds to:
uid = <user>, ou = People, dc = bluetail, and dc =
com
where uid is an example of a user attribute, ou =
organization unit, and dc = domain component.
Do not use the
isdbinddn and isdbindpas
commands.
2. if user entries are located in several places in the
LDAP Dictionary Information Tree (DIT), or if the
client’s portal logon name is different from the user
record identifier (RDN), the position in the DIT from
where all user records can be found with a subtree
search
The isdbinddn and isdbindpas parameters
are required so that the Nortel SNAS 4050 can
authenticate itself to the LDAP server, in order to
search the DIT.
groupattr <names>
Specifies the LDAP attribute that contains the names of
the groups. The group names contained in the LDAP
attribute must be defined in the Nortel SNAS 4050
domain (see “Configuring groups using the CLI” on
page 198).
To specify more than one group attribute name, enter
the names separated by a comma (,).