display ldap scheme
Use display ldap scheme to display LDAP scheme configuration.
Syntax
display ldap scheme [ ldap-scheme-name ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
ldap-scheme-name: Specifies an LDAP scheme by its name, a case-insensitive string of 1 to 32 characters. If you do not specify an LDAP scheme, this command displays the configuration of all LDAP schemes.
Examples
# Display the configuration of all LDAP schemes.
<Sysname> display ldap scheme Total 1 LDAP schemes ------------------------------------------------------------------ LDAP scheme name : aaa Authentication server : aaa IP : 1.1.1.1 Port : 111 VPN instance : Not configured LDAP protocol version : LDAPv3 Server timeout interval : 10 seconds Login account DN : Not configured Base DN : Not configured Search scope : all-level User searching parameters: User object class : Not configured Username attribute : cn Username format : with-domain Authorization server : aaa IP : 1.1.1.1 Port : 111 VPN instance : Not configured LDAP protocol version : LDAPv3 Server timeout interval : 10 seconds Login account DN : Not configured Base DN : Not configured Search scope : all-level User searching parameters: User object class : Not configured Username attribute : cn Username format : with-domain Attribute map : map1 ------------------------------------------------------------------
Table 12: Command output
Field | Description |
---|---|
Authentication server | Name of the LDAP authentication server. If no server is configured, this field displays Not configured. |
Authorization server | Name of the LDAP authorization server. If no server is configured, this field displays Not configured. |
IP | IP address of the LDAP server. If no server is specified, this field displays Not configured. |
Port | Port number of the server. If no port number is specified, this field displays the default port number. |
VPN instance | MPLS L3VPN instance to which the LDAP server belongs. If no VPN instance is specified, this field displays Not configured. |
LDAP protocol version | LDAP version, LDAPv2 or LDAPv3. |
Server timeout interval | LDAP server timeout period, in seconds. |
Login account DN | DN of the administrator. |
Base DN | Base DN for user search. |
Search scope | User DN search scope, including:
|
User searching parameters | User search parameters. |
User object class | User object class for user DN search. If no user object class is configured, this field displays Not configured. |
Username attribute | User account attribute for login. |
Username format | Format for the username sent to the server. |
Attribute map | LDAP attribute map used by the scheme. If no LDAP attribute map is used, this field displays Not configured. |