ldap-server

Use ldap-server to specify an LDAP server for a PKI domain.

Use undo ldap-server to restore the default.

Syntax

ldap-server host hostname [ port port-number ] [ vpn-instance vpn-instance-name ]

undo ldap-server

Default

No LDAP server is specified for a PKI domain.

Views

PKI domain view

Predefined user roles

network-admin

mdc-admin

Parameters

host hostname: Specifies an LDAP server by its IPv4 address, IPv6 address, or domain name. The domain name is a case-sensitive string of 1 to 255 characters.

port port-number: Specifies the port number of the LDAP server. The value range is 1 to 65535, and the default is 389.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If the LDAP server is on the public network, do not specify this option.

Usage guidelines

You must specify an LDAP server for a PKI domain in the following situations:

You can specify only one LDAP server for a PKI domain. If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify LDAP server 10.0.0.1 for PKI domain aaa.

<Sysname> system-view
[Sysname] pki domain aaa
[Sysname-pki-domain-aaa] ldap-server host 10.0.0.1

# Specify LDAP server 10.0.0.11 in VPN instance vpn1 for PKI domain aaa. Set the port number to 333.

<Sysname> system-view
[Sysname] pki domain aaa
[Sysname-pki-domain-aaa] ldap-server host 10.0.0.11 port 333 vpn-instance vpn1
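
# Added example, not part of the original command reference: a Python check that replays a CLI session, validates each ldap-server command against the parameter limits listed above, and reports the LDAP server left in effect for each PKI domain. The function names and the sample session are assumptions made for illustration.

```python
import re

PROMPT = re.compile(r"^\s*(?:<[^>]*>|\[[^\]]*\])\s*")  # <Sysname> or [Sysname-...]
CMD = re.compile(r"^ldap-server host (\S+)(?: port (\S+))?(?: vpn-instance (\S+))?$")

def parse_ldap_server(command):
    """Validate one ldap-server command against the documented limits."""
    m = CMD.match(command)
    if not m:
        raise ValueError(f"does not match the documented syntax: {command!r}")
    host, port, vpn = m.groups()
    if not 1 <= len(host) <= 255:
        raise ValueError("hostname must be 1 to 255 characters")
    port = 389 if port is None else int(port) if port.isdigit() else -1
    if not 1 <= port <= 65535:
        raise ValueError("port must be 1 to 65535")
    if vpn is not None and not 1 <= len(vpn) <= 31:
        raise ValueError("vpn-instance name must be 1 to 31 characters")
    return {"host": host, "port": port, "vpn_instance": vpn}

def effective_ldap_servers(session):
    """Return {pki_domain: setting or None} after replaying the commands."""
    domains, current = {}, None
    for raw in session.splitlines():
        cmd = PROMPT.sub("", raw).strip()
        if not cmd or cmd.startswith("#"):
            continue
        if cmd.startswith("pki domain "):
            current = cmd.split(None, 2)[2]
            domains.setdefault(current, None)
        elif cmd == "quit":
            current = None                   # left the PKI domain view
        elif current and cmd == "undo ldap-server":
            domains[current] = None          # back to the default: none specified
        elif current and cmd.startswith("ldap-server "):
            domains[current] = parse_ldap_server(cmd)  # most recent one wins
    return domains

# Constructed session: the page's two examples entered one after the other.
SAMPLE = """\
<Sysname> system-view
[Sysname] pki domain aaa
[Sysname-pki-domain-aaa] ldap-server host 10.0.0.1
[Sysname-pki-domain-aaa] ldap-server host 10.0.0.11 port 333 vpn-instance vpn1
"""

if __name__ == "__main__":
    print(effective_ldap_servers(SAMPLE))
```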

Related commands

pki retrieve-certificate

pki retrieve-crl