CONFIG LDAP EXTERNAL
Level
admin+modify
History
firewallid appears in Netasq 6.0.0
cndn appears in Netasq 6.2.3
protectchars appears in 6.3.0
readonly appears in Netasq 9.0.0
serversdn and serversfilter appear in Netasq 9.0.0
GroupSchema appears in 1.2.0
realbind and FullAdminDN appear in 3.0.0
protectchars removed in 3.4.0
pageSize appears in 4.4.0
serversfilter, confdn, serversdn removed in 4.4.0
Description
Specify parameters for an external LDAP server
Usage
domainname=<domain> basedn=<Base DN> host=<Host IP> [port=<Port>] [backuphost=<host IP> [backupport=<Port>]]
[user=<LDAP User> [password=<LDAP password>]] [auth=Simple|SSL] [cacert=<certname>]
[usersdn=<users dn>] [groupsdn=<groups dn>]
[usersfilter=<LDAP filter for users>]
[groupsfilter=<LDAP filter for groups>]
[cndn=0|1] [readonly=0|1] [groupschema=groupofmember|posixgroup] [realbind=on|off] [FullAdminDN=0|1] [pageSize=<LDAP page size>]
Returns
Error code
Remark
The internal LDAP base will be destroyed if it exists
usersdn and groupsdn are required for creating users and groups, respectively
cacert uses an external CA to check the LDAP server certificate (in SSL mode)
In SSL mode, the server host name MUST exist in DNS and match the certificate subject name
Default value for GroupSchema is GroupOfMember
Example
CONFIG LDAP EXTERNAL domainname=external basedn="o=stormshield,dc=fr" host="ldap.intranet.int" user="cn=StormshieldAdmin" password="LDAPadmin"
CONFIG LDAP EXTERNAL domainname=external basedn="o=stormshield,dc=fr" host="ldap.intranet.int" user="cn=StormshieldAdmin" password="LDAPadmin" auth=SSL cacert="trust_ca"
CONFIG LDAP EXTERNAL domainname=ororo.munroe basedn="o=stormshield,dc=eu" host="ldap.ororo.int" user="cn=StormshieldAdmin" password="adminadmin" realbind=off
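Added example (not Stormshield code): a Python pre-flight check that lints a CONFIG LDAP EXTERNAL line against the Usage and Remark sections above before it is sent to the firewall. It assumes token names and values are case-insensitive, that tokens absent from Usage are rejected, and that a line without auth=SSL binds without TLS.

```python
import ipaddress
import shlex
# Tokens and fixed value sets from the Usage line; None means free-form.
# Assumption: names and values are matched case-insensitively.
ALLOWED = {
    "domainname": None, "basedn": None, "host": None, "port": None,
    "backuphost": None, "backupport": None, "user": None, "password": None,
    "auth": {"simple", "ssl"}, "cacert": None, "usersdn": None,
    "groupsdn": None, "usersfilter": None, "groupsfilter": None,
    "cndn": {"0", "1"}, "readonly": {"0", "1"}, "fulladmindn": {"0", "1"},
    "groupschema": {"groupofmember", "posixgroup"},
    "realbind": {"on", "off"}, "pagesize": None,
}
REMOVED = {"protectchars", "serversfilter", "confdn", "serversdn"}  # see History

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def lint(command):
    """Return findings for one CONFIG LDAP EXTERNAL line (empty list = clean)."""
    findings, args = [], {}
    for tok in shlex.split(command)[3:]:  # skip "CONFIG LDAP EXTERNAL"
        key, sep, val = tok.partition("=")
        key = key.lower()
        if not sep or key not in ALLOWED:
            kind = "removed" if key in REMOVED else "unknown"
            findings.append(f"{kind} token: {tok}")
        elif ALLOWED[key] and val.lower() not in ALLOWED[key]:
            findings.append(f"bad value for {key}: {val}")
        else:
            args[key] = val
    for req in ("domainname", "basedn", "host"):
        if req not in args:
            findings.append(f"missing required token: {req}")
    for num in ("port", "backupport", "pagesize"):
        if num in args and not args[num].isdigit():
            findings.append(f"{num} must be a number: {args[num]}")
    if args.get("auth", "").lower() == "ssl":
        for h in ("host", "backuphost"):
            if h in args and is_ip(args[h]):
                findings.append(f"{h} is an IP: SSL needs a DNS name matching the certificate")
        if "cacert" not in args:
            findings.append("auth=SSL without cacert: no external CA checks the server")
    elif "password" in args:  # assumption: auth absent or Simple means no TLS
        findings.append("password without auth=SSL: bind is not TLS-protected")
    return findings
```

An unquoted value containing a space shows up as an unknown token, which catches quoting mistakes in domainname or host.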