|
|
|
|
|
authentication
config # authentication
Available commands:
add Add a new LDAP server
addClone Add a new LDAP server, cloning another server
delete Delete LDAP server
modify Modify an existing LDAP server
authentication ldap add <host> <port> < type> <security> <bindtype> <basedn> <loginnameattr> <userentryclass> [userSearchSubfilter <usersearchfilter>] [adDomain <addomain>] [verifyServerCertificate <certverify>] [allowExpiredCertificate <allowexpiredcert>] [bindDN <binddn>]
Add a new LDAP server
host IP address/host name
port Port number (0..4294967295)
type LDAP server type (openldap/activeDirectory)
security Security type (none/startTls/tls)
bindtype Bind type (anonymousBind/authenticatedBind)
basedn Base DN for search
loginnameattr Login name attribute
userentryclass User entry object class
userSearchSubfilter User search subfilter
adDomain Active directory domain
verifyServerCertificate Enable validation of LDAP server certificate (true/false)
allowExpiredCertificate Allow expired and not yet valid server certificates (true/false)
bindDN Bind DN
authentication ldap addClone <index> <host>
Add a new LDAP server, cloning another server
index Source server index
host IP address/host name
authentication ldap delete <index>
Delete LDAP server
index Server index
authentication ldap modify <index> [host <host>] [port <port>] [serverType <Server type>] [securityType <security>] [bindType <bindtype>] [searchBaseDN <basedn>] [loginNameAttribute <loginnameattr>] [userEntryObjectClass <userentryclass>] [userSearchSubfilter <usersearchfilter>] [adDomain <addomain>] [verifyServerCertificate <certverify>] [certificate] [allowExpiredCertificate <allowexpiredcert>] [bindDN <binddn>] [bindPassword] [sortPosition <position>]
Modify an existing LDAP server
index Index
host IP address/host name
port Port number (0..4294967295)
serverType LDAP server type (openldap/activeDirectory)
securityType Security type (none/startTls/tls)
bindType Bind type (anonymousBind/authenticatedBind)
searchBaseDN Base DN for search
loginNameAttribute Login name attribute
userEntryObjectClass User entry object class
userSearchSubfilter User search subfilter
adDomain Active directory domain
verifyServerCertificate Enable validation of LDAP server certificate (true/false)
certificate Certificate CA chain
allowExpiredCertificate Allow expired and not yet valid server certificates (true/false)
bindDN Bind DN
bindPassword Bind password
sortPosition New position in server list
Available commands:
Add a new Radius server
authentication radius add <host> <type > <authport> <acctport> <timeout> <retries>
host IP address/host name
type Authentication type (pap/chap/msChapV2)
authport Authentication port number (0..4294967295)
acctport Accounting port number (0..4294967295)
timeout Timeout (1..60)
retries Number of retries (0..5)
Delete Radius server
index Server index
Modify an existing Radius server
config:# authentication radius modify
authentication radius modify <index> [host <host>] [authType ] [authPort <authport>] [accountPort <acctport>] [timeout <timeout>] [retries <retries>] [secret] [sortPosition <position>]
index Index
host IP address/host name
authType Authentication type (pap/chap/msChapV2)
authPort Authentication port number (0..4294967295)
accountPort Accounting port number (0..4294967295)
timeout Timeout (1..60)
retries Number of retries (0..5)
secret Shared secret
sortPosition New position in server list
authentication type [useLocalIfRemoteUnavailable <localfallback>]
Configure authentication type
type Authentication type (local/ldap/radius)
useLocalIfRemoteUnavailable Use local authentication if remote authentication is unavailable (true/false)