CONFIG LDAP EXTERNAL

Level

admin+modify

History

firewallid Appears in Netasq 6 0 0
cndn Appears in Netasq 6 2 3
protectchars Appears in 6 3 0
readonly Appears in Netasq 9 0 0
serversdn and serversfilter Appears in Netasq 9 0 0
GroupSchema appears in 1 2 0
realbind and FullAdminDN appear in 3 0 0
protectchars removed in 3 4 0
pageSize appears in 4 4 0
serversfilter, confdn, serversdn removed in 4 4 0

Description

Specify parameters for an external LDAP server

Usage

domainname=<domain> basedn=<Base DN> host=<Host IP> [port=<Port>] [backuphost=<host IP> [backupport=<Port>]]
[user=<LDAP User> [password=<LDAP password>]] [auth=Simple|SSL] [cacert=<certname>]
[usersdn=<users dn>] [groupsdn=<groups dn>]
[usersfilter=<LDAP filter for users>]
[groupsfilter=<LDAP filter for groups>]
[cndn=0|1] [readonly=0|1] [groupschema=groupofmember|posixgroup] [realbind=on|off] [FullAdminDN=0|1] [pageSize=<LDAP page size>]

Returns

Error code

Remark

Internal LDAP base will be destroyed if exists
usersdn and groupsdn are required for (resp) users and groups creation
cacert use external CA to check the LDAP server certificate (in SSL mode)
With SSL mode, the server host name MUST exist in DNS and match certifcate subject name
Default value for GroupSchema is GroupOfMember

Example

CONFIG LDAP EXTERNAL domainname=external basedn="o=stormshield,dc=fr" host="ldap intranet int" user="cn=StormshieldAdmin" password="LDAPadmin"
CONFIG LDAP EXTERNAL domainname=external basedn="o=stormshield,dc=fr" host="ldap intranet int" user="cn=StormshieldAdmin" password="LDAPadmin" auth=SSL cacert="trust_ca"
CONFIG LDAP EXTERNAL domainname=ororo munroe basedn="o=stormshield,dc=eu" host="ldap ororo int" user="cn=StormshieldAdmin" password="adminadmin" realbind=off