Modify an Existing LDAP Server
You can modify one or multiple parameters of an existing LDAP server, such as
its IP address, TCP port number, and Base DN. You also can change the priority
or sequence of existing LDAP servers in the server list.
-
To modify the settings on an existing LDAP server, at the config:# prompt,
type authentication ldap modify <server_num>
"parameters", and press Enter.
<server_num> is the sequential number of the specified server in the
LDAP server list.
Replace "parameters" with one or multiple commands in the following table,
depending on which parameter(s) you want to modify.
|
|
host <host>
|
Change the IP address or host name, where <host> is
the new IP address or host name.
|
port <port>
|
Change the TCP port number, where <port> is the new
TCP port number.
|
serverType <ldap_type>
|
Change the server type, where <ldap_type> is the
new type of the LDAP server. <ldap_type> values
include openldap and activeDirectory.
|
securityType <security>
|
Change the security type, where <security> is the
new security type. <security> values include none,
startTls, and ssl.
|
bindType <bind_type>
|
Change the bind type, where <bind_type> is the new
bind type. <bind_type> values include anonymousBind
and authenticatedBind.
|
searchBaseDN <base_DN>
|
Change the base DN for search, where <base_DN> is
the new base DN for search.
|
loginNameAttribute <login_name_att>
|
Change the login name attribute, where
<login_name_att> is the new login name
attribute.
|
userEntryObjectClass <user_entry_class>
|
Change the user entry object class, where
<user_entry_class> is the new user entry
class.
|
userSearchSubfilter <user_search_filter>
|
Change the user search subfilter, where
<user_search_filter> is the new user search
subfilter.
|
adDomain <AD_domain>
|
Change the Active Directory Domain name, where
<AD_domain> is the new domain name of the Active
Directory.
|
verifyServerCertificate <verify_cert>
|
Enable or disable the certificate verification, where
<verify_cert> enables or disables the certificate
verification feature. Available values include true and
false.
|
certificate
|
Re-upload a different certificate.
-
First add the "certificate" parameter to the
command, and press Enter.
-
When prompted, type or copy the content of the
certificate in the CLI, and press Enter.
|
allowExpiredCertificate <allow_exp_cert>
|
Determine whether to accept a certificate which is
expired or not valid yet, where <allow_exp_cert>
determines whether to accept an expired or not valid yet
certificate. <allow_exp_cert> values include true and
false.
|
bindDN <bind_DN>
|
Change the bind DN, where <bind_DN> is the new bind
DN.
|
bindPassword
|
Change the bind DN password.
-
Add the "bindPassword" parameter to the
command and press Enter.
-
When prompted, type the password, and press
Enter.
|
sortPosition <position>
|
Change the priority of the server (sorting), where
<position> is the new sequential number of the server
in the LDAP server list.
|
|
Example 7 Change the IP Address of the 1st LDAP Server
At the config:# prompt, type authentication ldap modify 1 host
192.168.3.3, and press Enter.
Example 8 Change the IP address and TCP Port of the 1st LDAP Server
At the config:# prompt, type authentication ldap modify 1 host
192.168.3.3 port 633, and press Enter.
Example 9 Change the IP address, TCP Port, and the Type of the 1st LDAP Server
At the config:# prompt, type authentication ldap modify 1 host
192.168.3.3 port 633 serverType activeDirectory, and press
Enter.