The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
Configures LDAP parameters.
Security Administrator, Administrator
Exec > Global Configuration
ldap [ replicas replica_count | repository helm_repository ] Specify the replica count.
Must be an integer.
Default Value: 1.
Specify to override Helm repository.
Use this command to configure the LDAP parameters Replica Count and Override Helm Repository.
Configures the LDAP server set parameters.
Security Administrator, Administrator
Exec > Global Configuration
ldap server-set server_name [ add-child-on-parent-create-failure { false | true } | add-request-attribute attribute_name attribute_value | binds-per-second binds_count | connection connection_address port_number {auto-reconnect { false | true } | bind-timeout-ms bind_timeout_ms | connection-rule FASTEST/ROUND_ROBIN | priority priority_number | timeout-ms timeout } | ignore-ldap-error-result-codes result_code | initial-connections initial_connections | max-connections max_connections | max-failover-connection-age-ms max_failover_connections | missing-attribute-result-code attribute_code | number-consecutive-timeouts-for-bad-connection count_timeout | retry-count retry_count | retry-timer-ms retry_time | use-asynchronous-operations { false | true } ] Specify the name of the LDAP server set.
Must be a string.
Specify the initial connections.
Must be an integer.
Default Value: 1.
Specify the maximum number of connections.
Must be an integer.
Default Value: 10.
Specify the retry count.
Must be an integer.
Default Value: 3.
Specify the retry timer timeout period in milliseconds.
Must be an integer.
Default Value: 50.
Specify the maximum failover connection age in milliseconds.
Must be an integer.
Default Value: 60000.
Specify the number of binds per second.
Must be of type decimal64, with 2 fraction digits.
Default Value: 0.20.
Specify the number of consecutive timeouts for bad connection.
Must be an integer.
Default Value: -1.
Specify to enable or disable using LDAP asynchronous operations.
Must be either "false" or "true".
Default Value: true.
Specify to enable or disable additions of child on parent creation failure.
Must be either "false" or "true".
Default Value: true.
Specify missing attribute result code.
Must be an integer.
Default Value: 0.
Specify to ignore LDAP error result codes.
Must be an integer.
Use this command to configure LDAP server set parameters.
Configures the request attribute.
Security Administrator, Administrator
Exec > Global Configuration
add-request-attribute attribute_name attribute_value Specify the request attribute name.
Must be a string.
Specify the request attribute value.
Must be a string.
Use this command to configure the request attribute.
Configure the LDAP connection parameters.
Security Administrator, Administrator
Exec > Global Configuration
connection ldap_address port_number { auto-reconnect { false | true } | bind-timeout-ms bind_timeout | connection-rule connection_rule | priority priority_number | timeout-ms timeout } Specify the address of the LDAP server.
Must be a string.
Specify the port number of the LDAP server.
Must be an integer.
Specify the priority of the LDAP server set.
Must be an integer.
Default Value: 100.
Specify the connection algorithm.
Must be one of the following:
FASTEST
ROUND_ROBIN
Default Value: ROUND_ROBIN.
Specify to enable or disable auto reconnect to LDAP hosts.
Must be either "false" or "true".
Default Value: true.
Specify the timeout period for calls to LDAP in milliseconds.
Must be an integer.
Default Value: 200.
Specify the timeout period for bind calls to LDAP in milliseconds.
Must be an integer.
Default Value: 2000.
Use this command to configure the LDAP connection parameters.
Configures the health check parameters.
Security Administrator, Administrator
Exec > Global Configuration
health-check { attributes attribute_string | dn health_check_dn | filter filter_string | interval-ms interval_value } Specify the health check interval in milliseconds.
Must be an integer.
Default Value: 5000.
Specify the health check DN.
Must be a string.
Specify the health check filter.
Must be a string.
Specify the health check attributes.
Must be a string.
Use this command to configure the health check parameters.
Enables search user for LDAP.
Security Administrator, Administrator
Exec > Global Configuration
search-user { [ dn user_dn ] [ password user_password ] } Specify the user DN.
Must be a string.
Specify the user password.
Must be an aes-cfb-128-encrypted string.
Use this command to enable search user for LDAP.
Feedback