How it Works

This section describes how the feature works.

How to Validate a New Configuration

The steps to validate a new LDAP configuration are as follows.

  1. Login to the SMI Ops Center.

  2. Provide the LDAP new configuration inputs to validate (see the following example ).
    [pv/global] cee# smildap validate-security-config validate-new-security-config { ?
    Possible completions:
      base-dn                LDAP Base DN
      bind-dn                LDAP Bind DN
      group-attr             Group attribute
      group-mapping          LDAP group to application security mapping
      ldap-filter            LDAP Filter - use %s to sub username
      ldap-server-url        LDAP Server URL (https://tools.ietf.org/html/rfc2255)
      ldap-username-domain   LDAP Username Domain
      password               Password
      username               Existing User name in LDAP server
  3. Validate the LDAP new configuration (see the following example configuration).

    cee(config)# smildap validate-security-config validate-new-security-config 
    { base-dn dc=smi-lab,dc=com bind-dn cn=%s,ou=people,dc=smi-lab,dc=com group-attr 
    memberOf group-mapping { group admin ldap-group group1 } username user5 password 
    Passwd@123 ldap-filter cn=%s ldap-server-url ldap://209.165.200.224 }
    Mon Jun  20 05:02:24.635 UTC+00:00
    message accept "admin" external-user-group 1117 1117 /tmp

How to Validate an Existing LDAP Configuration

Use the following example configuration to validate an existing LDAP configuration.

cee# smildap validate-security-config validate-current-security-config
 
Mon Jun  20 05:07:41.765 UTC+00:00
 
Value for 'username' (<string>): user5
 
Value for 'password' (<string>): ********
 
message accept "admin" external-user-group 1117 1117 /tmp