BLADE OS™ Application Guide HP GbE2c Ethernet Blade Switch for c-Class BladeSystem Version 5.1 Advanced Functionality Software
Table Of Contents
- Contents
- Figures
- Tables
- Preface
- Part 1: Basic Switching
- Accessing the Switch
- The Management Network
- Local Management Using the Console Port
- The Command Line Interface
- Remote Management Access
- Client IP Address Agents
- Securing Access to the Switch
- Setting Allowable Source IP Address Ranges
- RADIUS Authentication and Authorization
- TACACS+ Authentication
- LDAP Authentication and Authorization
- Secure Shell and Secure Copy
- Configuring SSH/SCP Features on the Switch
- Configuring the SCP Administrator Password
- Using SSH and SCP Client Commands
- SSH and SCP Encryption of Management Messages
- Generating RSA Host and Server Keys for SSH Access
- SSH/SCP Integration with Radius Authentication
- SSH/SCP Integration with TACACS+ Authentication
- End User Access Control
- Ports and Trunking
- Port-Based Network Access Control
- VLANs
- Spanning Tree Protocol
- RSTP and MSTP
- Link Layer Discovery Protocol
- Quality of Service
- Accessing the Switch
- Part 2: IP Routing
- Basic IP Routing
- Routing Information Protocol
- IGMP
- OSPF
- OSPF Overview
- OSPF Implementation in BLADE OS
- OSPF Configuration Examples
- Remote Monitoring
- Part 3: High Availability Fundamentals
- High Availability
- Layer 2 Failover
- Server Link Failure Detection
- VRRP Overview
- Failover Methods
- BLADE OS Extensions to VRRP
- Virtual Router Deployment Considerations
- High Availability Configurations
- High Availability
- Part 4: Appendices
- Index
BLADE OS 5.1 Application Guide
BMD00113, September 2009 Chapter 1: Accessing the Switch 53
Configuring LDAP Authentication on the Switch
1. Turn LDAP authentication on, then configure the Primary and Secondary LDAP servers.
2. Configure the domain name.
3. If desired, you may change the default TCP port number used to listen to LDAP.
The well-known port for LDAP is 389.
4. Configure the number of retry attempts for contacting the LDAP server, and the timeout period.
5. Apply and save the configuration.
>> Main# /cfg/sys/ldap (Select the LDAP Server menu)
>> LDAP Server# on (Turn LDAP on)
Current status: OFF
New status: ON
>> LDAP Server# prisrv 10.10.1.1 (Enter primary server IP)
Current primary LDAP server: 0.0.0.0
New pending primary LDAP server: 10.10.1.1
>> LDAP Server# secsrv 10.10.1.2 (Enter secondary server IP)
Current secondary LDAP server: 0.0.0.0
New pending secondary LDAP server: 10.10.1.2
>> LDAP Server# domain
Current LDAP domain name: ou-people,dc=domain,dc=com
Enter new LDAP domain name: ou=people,dc=mydomain,dc=com
>> LDAP Server# port <server port number (1-65000)>
>> LDAP Server# retries <server retries (1-3)>
>> LDAP Server# timeout <timeout period in minutes (4-15)>