Mellanox MLNX-OS®Command Reference Guide for SX1018HP Ethernet Managed Blade Switch
Rev 1.6.2
Mellanox Technologies
155
ldap group-attribute/group-dn
ldap {group-attribute {<group-att> |member | uniqueMember} | group-dn
<group-dn>}
no ldap {group-attribute | group-dn}
Sets the distinguished name or attribute name of a group on the LDAP server.
The no form of the command resets the attribute to its default values.
Syntax Description group-att Specifies a custom attribute name.
member groupOfNames or group membership attribute.
uniqueMember groupOfUniqueNames membership attribute.
group-dn DN of group required for authorization.
Default group-att: member
group-dn: “”
Modes/Context Config
History 3.1.0000
Role admin
Example
switch (config) # ldap group-attribute member
switch (config) # ldap group-dn my-group-dn
switch (config) # show ldap
User base DN : ou=department,dc=example,dc=com
User search scope : subtree
Login attribute : sAMAccountName
Bind DN : my-dn
Bind password : my-password
Group base DN : my-group-dn
Group attribute : member
LDAP version : 3
Referrals : yes
Server port : 389
Search Timeout : 5
Bind Timeout : 5
SSL mode : none
Server SSL port : 636 (not active)
SSL cert verify : yes
LDAP servers:
1: 10.10.10.10
2: 10.10.10.12
switch (config) #
Related Commands show ldap
Note
• The user's distinguished name must be listed as one of the values of this attribute, or the
user will not be authorized to log in
• After login authentication, if the group-dn is set, a user must be a member of this group or
the user will not be authorized to log in. If the group is not set (“” - the default) no authori-
zation checks are done.